Digital workspace provider Citrix now expects to deliver patches for the serious remote code execution vulnerability in its Netscaler Application Delivery Controller product by January 25 Australian time.
The company has already released patches for Citrix ADC and Gateway versions 11.1 and 12.0.
To install the security fixes, version 11.1 Netscaler ADC and Gateway instances have to be upgraded to build 11.1.63.15, and 12.0 instances to 12.0.63.13, Citrix said.
Likewise, the forthcoming updates for Citrix Netscaler ADC and Gateway versions 10.5, 12.1 and 13.0 as well as the SD-WAN WANOP product release 10.2.6 and 11.0.3 all need to be upgraded with refresh builds before patches can be installed.
While there are mitigation measures available to prevent attackers from exploiting the CVE-2019-19781 flaw that was disclosed on December 17 United States time, Citrix urged its customers to immediately install the fixes.
Furthermore, the mitigation measures are not effective on system version 12.1.50.28.
I created a simple flow-chart to assist in Citrix CVE-2019-19781 mitigation decision making. This is based on the latest information from @citrix and @ncsc_nl. pic.twitter.com/8ZYQpkNEYF
— Bart Roos (@Bartr00s) January 19, 2020
Attackers are currently scanning the internet for vulnerable Citrix devices to compromise, installing crypto currency miners and other malware.
In one instance, security reserchers found malware being planted on Citrix devices that deletes malicious code already deployed on them, and then applies mitigations to prevent further exploitation while retaining remote access via a cryptographically secured backdoor.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=271&w=480&c=1&s=1)
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
