Weekly Comments

7 - 14 January 2020

In December 2019, Citrix released a security bulletin (CTX267027) to warn about a file traversal vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway. Tracked as CVE-2019-19781, the flaw could allow an unauthenticated attacker to execute arbitrary code on vulnerable Citrix servers. Organisations with Citrix ADC and Gateway installations are advised to apply the mitigation measures available in the Citrix security bulletin as soon as possible, as several exploits have been published online. Multiple threat actors who have weaponised CVE-2019-19781 have started mass scanning to detect and exploit vulnerable servers. Citrix is expected to deliver patches for ADC and Gateway versions 11.1 and 12 by 20 January, with versions 12.1 and 13 coming on 27 January and 10.5 on 31 January.

References:

CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller and Citrix Gateway

Mitigation Steps for CVE-2019-19781

projectzeroindia/CVE-2019-19781 (Exploit code)

trustedsec/cve-2019-19781 (scanner for vulnerable Citrix server)
