Citrix server vulnerabilities, reported in December 2019 in CVE-2019-19781, were being scanned by hackers to find entry points into the Citrix systems.
Citrix ADC (Application Device Controller) and Citrix Gateway (formerly known as NetScaler) consists of critical vulnerabilities, which, if exploited successfully, facilitate unauthorized threat actors to carry out an arbitrary remote code execution (RCE) attack. This is a highly critical flaw and its severity can be understood from its CVSS score, which is 9.8. Citrix acknowledged these vulnerabilities in a release on their official forum but has not yet patched them.
The vulnerability affects all supported product versions and platforms mentioned below:
- Citrix ADC and Citrix Gateway version 13.0 all supported builds
- Citrix ADC and NetScaler Gateway version 12.1 all supported builds
- Citrix ADC and NetScaler Gateway version 12.0 all supported builds
- Citrix ADC and NetScaler Gateway version 11.1 all supported builds
- Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds
There are at least 80,000 organizations spread across 158 countries using Citrix ADC. These organizations are at an immediate risk of a cyberthreat. Of the 80,000 organizations, a majority are based in the U.S., U.K., Germany, Netherlands and Australia.
Although these Citrix server vulnerabilities do not yet have a permanent fix, in the interim, Citrix has issued mitigation steps for CVE-2019-19781.
Earlier in December 2019, Citrix Systems collaborated with Google Cloud to boost Google’s Cloud security offering. This partnership made Citrix’s Workspace available for Google’s customers. The partnership integrated Citrix’s remote access tool with G Suite to provide a single sign-in experience, multi-factor authentication, and enhanced security policies for G Suite users.