This critical Citrix NetScaler bug could affect 80,000 companies


Citrix has disclosed a severe bug in its Citrix Application Delivery Controller (ADC), which is used by at least 80,000 organizations. And for now, there’s no patch available. 

According to Citrix, the bug could allow an attacker to perform arbitrary code execution even without proper authentication.

Admins may also know the affected product as NetScaler ADC, Citrix Gateway or NetScaler Gateway. The bug has been tagged with the identifier CVE-2019-19781.


Given the Christmas holidays, Citrix’s disclosure could be bad timing for enterprise IT admins charged with managing Citrix-powered equipment, which is widely used in enterprise networks across the US, UK, and Australia.  

Unfortunately for customers, the US virtualization company doesn’t have a patch but it does have a recommended mitigation that can be implemented until a firmware fix arrives. 

“Citrix strongly urges affected customers to immediately apply the provided mitigation. Customers should then upgrade all of their vulnerable appliances to a fixed version of the appliance firmware when released,” Citrix noted in an advisory. 

It’s also encouraging admins to subscribe to its bulletin alerts to know when the new firmware is ready. Citrix has published its mitigation instructions.

The bug was reported by Mikhail Klyuchnikov, a researcher at UK security firm Positive Technologies, which published its bug report on Monday. 

Klyuchnikov says the bug affects 80,000 companies in 158 countries and could allow a remote attacker to compromise an internal network within a minute. 

“If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore can be performed by any external attacker,” Positive Technologies noted. 


Citrix hasn’t assigned the bug a severity score, but Positive Technologies reckons it warrants a severity rating of 10 out of 10.

“This vulnerability affects all supported versions of the product, and all supported platforms, including Citrix ADC and Citrix Gateway 13.0, Citrix ADC and NetScaler Gateway 12.1, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1, and also Citrix NetScaler ADC and NetScaler Gateway 10.5,” the security firm notes. 
