In December 2019, Citrix released a security bulletin (CTX267027) warning of a file traversal vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway. Tracked as CVE-2019-19781, the flaw could allow an unauthenticated attacker to execute arbitrary code on vulnerable Citrix servers. Organisations with Citrix ADC and Gateway installations are advised to apply the mitigation measures in the Citrix security bulletin as soon as possible, as several exploits have been published online. Multiple threat actors have weaponised CVE-2019-19781 and have started mass scanning to detect and exploit vulnerable servers. Citrix is expected to deliver patches for ADC and Gateway versions 11.1 and 12 by 20 January, with versions 12.1 and 13 following on 27 January and 10.5 on 31 January.
References: trustedsec/cve-2019-19781 (scanner for vulnerable Citrix servers)