HKCert
Security Blog

Critical Citrix Application Delivery Controller Vulnerability (CVE-2019-19781) Alert

Release Date: 17 / 01 / 2020
Last Update: 17 / 01 / 2020

Multinational software and cloud computing company Citrix recently disclosed a vulnerability (CVE-2019-19781) in its application delivery controller (ADC) products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system. To address the vulnerability, Citrix plans to release a firmware update at the end of January 2020. Until the firmware update is released, users can follow the mitigation solution provided by the vendor [1] to avoid being affected by this vulnerability.

HKCERT has been monitoring the impact of this vulnerability in Hong Kong. According to information from the international cyber security research organisation Bad Packets, about 162 local IP addresses were affected by this vulnerability. HKCERT has already notified the corresponding network providers and organisations to take appropriate remedial actions. Some of them, in turn, have informed HKCERT that appropriate remedial actions have been taken in response to this vulnerability.

The affected Citrix ADC products include:

 

•    Citrix ADC and Citrix Gateway version 13.0 all supported builds
•    Citrix ADC and NetScaler Gateway version 12.1 all supported builds
•    Citrix ADC and NetScaler Gateway version 12.0 all supported builds
•    Citrix ADC and NetScaler Gateway version 11.1 all supported builds
•    Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

 

Affected users can take the following remedial actions:

  1. Follow the mitigation solution provided by the vendor [1] to avoid being affected by this vulnerability;
  2. Monitor the vendor's official website [2] for information on the release of the firmware update;
  3. Once the firmware update is available for download, users must quickly upgrade to the corresponding version to fix this vulnerability.

 

Reference Links:


[1]     https://support.citrix.com/article/CTX267679

[2]     https://support.citrix.com/article/CTX267027

[3]     https://www.auscert.org.au/blog/2020-01-14-citrix-netscaler-gateway-servers-australia-vulnerable-cve-2019-19781

[4]     https://www.zdnet.com/article/hackers-probe-unsecured-citrix-servers-for-netscaler-vulnerability/#ftag=RSSbaffb68

[5]     https://badpackets.net/over-25000-citrix-netscaler-endpoints-vulnerable-to-cve-2019-19781/