- Critical vulnerability found in Citrix Application Delivery Controller and Citrix Gateway
- CVE-2019-19781 could allow remote access to a company’s internal network
- It could also allow remote code execution by attackers
- At least 80,000 companies worldwide are at risk
- Citrix is working on a patch and has released mitigation steps
Attention all Citrix users! One of your favourite business tools, Citrix, has currently come under a major threat that could literally cost your Fortune 500 company a fortune.
A severe flaw has been spotted in two of Citrix's popular services, Citrix Application Delivery Controller and Citrix Gateway. You might also know them by the NetScaler name.
The flaw enables directory traversal, which could let an attacker access your company’s LAN and online resources remotely, and it could also lead to the dreaded remote code execution.
Technical details of the vulnerability have not been disclosed yet while Citrix is working on a patch.
What’s the problem in Citrix?
A vulnerability of critical nature is present in two Citrix services, named Citrix Application Delivery Controller (previously called NetScaler ADC) and Citrix Gateway (previously called NetScaler Gateway).
The vulnerability could allow an attacker to access a company’s local network remotely and execute malicious code (Remote Code Execution).
Any external attacker can potentially get their hands on a company’s internal network without having to access any account.
“This vulnerability allows any unauthorized attacker to not only access published applications, but also attack other resources of the company’s internal network from the Citrix server”, says Positive Technologies.
How to know if you are vulnerable?
The vulnerability has existed for a good 5 years and impacts all versions and platforms that Citrix supports. These include:
- Citrix ADC and Citrix Gateway version 13.0 all supported builds
- Citrix ADC and NetScaler Gateway version 12.1 all supported builds
- Citrix ADC and NetScaler Gateway version 12.0 all supported builds
- Citrix ADC and NetScaler Gateway version 11.1 all supported builds
- Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds
How many companies could be affected?
Citrix is widely used in IT, energy, insurance, banking and many other business sectors. An American multinational, Citrix provides businesses with servers, apps, virtual desktops, networking, and even cloud computing services.
According to a report by Positive Technologies, whose researchers helped discover the vulnerability, around 80,000 firms are directly affected by this major flaw. And that is just the minimum number.
The majority of these companies are from the US itself, the UK, Germany, the Netherlands and Australia.
What is Citrix doing about it?
Citrix is currently notifying all customers to mitigate the issue. The vulnerability has been assigned CVE-2019-19781, although a severity score is yet to be determined.
Nevertheless, experts believe that it could easily get the highest severity rating of 10, considering the kind of control it gives to the attacker and the amount of damage it can do to the customer.
If you use Citrix for your business, you can check out what Citrix has suggested to mitigate the issue. You will also need to be alert about updating your Citrix server as soon as the company releases a patch for it.
You can also use web application firewalls to block threats, as Positive Technologies suggests.