Security News > 2020 > January > Citrix Systems and FireEye introduce new tool for detection of compromise

Citrix Systems and FireEye introduce new tool for detection of compromise
2020-01-24 03:30

Citrix Systems and FireEye announced the launch of a new tool for detection of compromise in connection with the previously announced CVE-2019-19781 vulnerability, which affects certain versions of Citrix Application Delivery Controller, Citrix Gateway, and two older versions of Citrix SD-WAN WANOP. This tool is freely accessible in both the Citrix and FireEye GitHub repositories.

The free tool is designed to allow customers to run it locally against their Citrix instances and receive a rapid assessment of potential indications of compromise in their systems based on known attacks and exploits.

The tool is compatible with all supported versions of Citrix ADC and Citrix Gateway, including 11.1, 12.0, 12.1, 10.5, and 13.0, and Citrix SD-WAN WANOP versions 10.2.6 and 11.0.3.

In addition to applying the previously released mitigation steps and installing the permanent updates being made available throughout this week, Citrix and FireEye strongly recommend that all Citrix customers run this tool as soon as possible to increase their overall level of awareness of potential compromise and take appropriate steps to protect themselves.

"We believe it is in the best interest of Citrix customers using affected product versions and the entire security community for us to join forces with Citrix to offer a free tool that organizations can rapidly deploy in their own environments to identify potential indicators of compromise of their systems."


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Al4CXP5hWoQ/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2019-19781 Path Traversal vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
network
low complexity
citrix CWE-22
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 66 2 64 101 46 213
Fireeye 8 0 8 2 0 10