Security News > 2020 > January > Still losing sleep over that awful Citrix bug? This scanner is here to help... you realize you've already been pwned

Still losing sleep over that awful Citrix bug? This scanner is here to help... you realize you've already been pwned
2020-01-23 07:04

Citrix and FireEye have released a new security tool to help admins find out if their servers have been hacked via the high-profile CVE-2019-19781 flaw that was disclosed in December but only patched on Monday.

The tool can be run on any Citrix instance to check for signs of an intrusion.

"The tool combines Citrix's technical knowledge of the Citrix ADC and Gateway products and CVE-2019-19781 with industry-leading FireEye Mandiant's forensics expertise and current knowledge of recent CVE-2019-19781 related compromises," Citrix said.

The tool, Citrix warned, will only detect specific indicators of compromise, tell-tale signs that a miscreant has exploited the bug to get access to machines.

Still, the free scanner will at least allow admins to get a general idea of the state of their Citrix gear.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/23/citrix_attack_detector/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2019-19781 Path Traversal vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
network
low complexity
citrix CWE-22
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213