Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781. Citrix expects to release updates for other vulnerable versions of Citrix ADC, Gateway, and SD-WAN WANOP appliances through January 24, 2020. (See Mitigations for update schedule).

A remote, unauthenticated attacker could exploit CVE-2019-19781 to perform arbitrary code execution.[2] This vulnerability has been detected in exploits in the wild.

The Cybersecurity and Infrastructure Agency (CISA) strongly recommends that all users and administrators upgrade their vulnerable appliances as soon as possible once the appropriate firmware update becomes available

What doe this mean to those affected?

this is to be affected:

  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 – all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 – all supported builds before 11.1.63.15
  • Citrix ADC and NetScaler Gateway version 12.0 – all supported builds before 12.0.63.13
  • Citrix ADC and NetScaler Gateway version 12.1 – all supported builds
  • Citrix ADC and Citrix Gateway version 13.0 – all supported builds
  • Citrix SD-WAN WANOP firmware and appliance models 4000, 4100, 5000, and 5100 – all supported builds. (Citrix SD-WAN WANOP is vulnerable because it packages Citrix ADC as a load balancer).

arbitrary code execution (ACE) is used to describe an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. This process enables hackers to inject specific executable code enabling access specific files of ones machine.

Leave a Reply

Your email address will not be published. Required fields are marked *