Security News
More than 80 percent of organizations impacted by CVE-2019-19781, a critical vulnerability in the Citrix Application Delivery Controller and Gateway, have already taken steps to secure their deployments. The security bug impacts multiple versions of Citrix ADC and Gateway, but Citrix has already released permanent patches for all of them, as attacks started to ramp up.
About one in five of the 80,000 companies affected by a critical bug in the Citrix Application Delivery Controller and Citrix Gateway are still at risk from a trivial attack on their internal operations. "The critical information about applications accessible by Citrix can be leaked," he explained.
Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack. Positive Technologies today estimated that thousands of companies remain open to the takeover vulnerability in Citrix ADC and Gateway.
Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up. Impacting Citrix Application Delivery Controller and Gateway, the vulnerability was disclosed in December 2019, and the first attacks targeting it followed only weeks later, shortly after PoC exploits were released.
Citrix has released a new set of patches for the recently disclosed CVE-2019-19781 vulnerability and partnered with FireEye for a tool that tells users if their systems have been compromised via the security flaw. The vulnerability, disclosed in December 2019, impacts Citrix Application Delivery Controller and Gateway, and two older versions of SD-WAN WANOP. Following the public release of PoC exploits earlier this month, attackers started targeting vulnerable deployments - there are tens of thousands of vulnerable systems out there.
Citrix Systems and FireEye announced the launch of a new tool for detection of compromise in connection with the previously announced CVE-2019-19781 vulnerability, which affects certain versions of Citrix Application Delivery Controller, Citrix Gateway, and two older versions of Citrix SD-WAN WANOP. This tool is freely accessible in both the Citrix and FireEye GitHub repositories. The free tool is designed to allow customers to run it locally against their Citrix instances and receive a rapid assessment of potential indications of compromise in their systems based on known attacks and exploits.
Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via CVE-2019-19781. Though the number of vulnerable Citrix endpoints is declining rather quickly, we don't know have many have been compromised since the start of the attacks.
Citrix and FireEye have released a new security tool to help admins find out if their servers have been hacked via the high-profile CVE-2019-19781 flaw that was disclosed in December but only patched on Monday. The tool can be run on any Citrix instance to check for signs of an intrusion.
Citrix has quickened its rollout of patches for a critical vulnerability in the Citrix Application Delivery Controller and Citrix Gateway products, on the heels of recent proof-of-concept exploits and skyrocketing exploitation attempts. While Citrix originally said some versions would get a patch Jan. 31, it has now also shortened that timeframe, saying fixes are forthcoming on Jan 24.
As attackers continue to hit vulnerable Citrix ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to provide them for other versions and for two older versions of SD-WAN WANOP by January 24. CVE-2019-19781, a critical vulnerability affecting Citrix ADC and Gateway that may allow unauthenticated attackers to achieve remote code execution and obtain direct access to an organization's local network from the internet, was responsibly disclosed last December.