Security News

Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack. Positive Technologies today estimated that thousands of companies remain open to the takeover vulnerability in Citrix ADC and Gateway.

Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up. Impacting Citrix Application Delivery Controller and Gateway, the vulnerability was disclosed in December 2019, and the first attacks targeting it followed only weeks later, shortly after PoC exploits were released.

Citrix has released a new set of patches for the recently disclosed CVE-2019-19781 vulnerability and partnered with FireEye for a tool that tells users if their systems have been compromised via the security flaw. The vulnerability, disclosed in December 2019, impacts Citrix Application Delivery Controller and Gateway, and two older versions of SD-WAN WANOP. Following the public release of PoC exploits earlier this month, attackers started targeting vulnerable deployments - there are tens of thousands of vulnerable systems out there.

Citrix Systems and FireEye announced the launch of a new tool for detection of compromise in connection with the previously announced CVE-2019-19781 vulnerability, which affects certain versions of Citrix Application Delivery Controller, Citrix Gateway, and two older versions of Citrix SD-WAN WANOP. This tool is freely accessible in both the Citrix and FireEye GitHub repositories. The free tool is designed to allow customers to run it locally against their Citrix instances and receive a rapid assessment of potential indications of compromise in their systems based on known attacks and exploits.

Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via CVE-2019-19781. Though the number of vulnerable Citrix endpoints is declining rather quickly, we don't know have many have been compromised since the start of the attacks.

Citrix and FireEye have released a new security tool to help admins find out if their servers have been hacked via the high-profile CVE-2019-19781 flaw that was disclosed in December but only patched on Monday. The tool can be run on any Citrix instance to check for signs of an intrusion.

Citrix has quickened its rollout of patches for a critical vulnerability in the Citrix Application Delivery Controller and Citrix Gateway products, on the heels of recent proof-of-concept exploits and skyrocketing exploitation attempts. While Citrix originally said some versions would get a patch Jan. 31, it has now also shortened that timeframe, saying fixes are forthcoming on Jan 24.

As attackers continue to hit vulnerable Citrix ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to provide them for other versions and for two older versions of SD-WAN WANOP by January 24. CVE-2019-19781, a critical vulnerability affecting Citrix ADC and Gateway that may allow unauthenticated attackers to achieve remote code execution and obtain direct access to an organization's local network from the internet, was responsibly disclosed last December.

Citrix has issued its first set of patches fixing a nasty vulnerability that's been hanging over some of its biggest products. Patches for ADC and Citrix Gateway 11.1 and 12.0 were made available on 19 January with versions 12.1, 10.5, and 13.0 to follow on 24 January.

Citrix has released the first of several fixes that address a vulnerability in its Application Deliver Controller and Gateway products discovered by security researchers in December. The first of the patches to fix the vulnerability in Application Delivery Controller and Gateway versions 11.1 and 12 were available as of Sunday, earlier than the company had originally expected, says Fermin Serna, the CISO of Citrix, which is based in Fort Lauderdale, Florida.