Wednesday, December 6, 2023

Citrix Released Permanent Fixes for the Actively Exploited CVE-2019-19781 Flaw in ADC 11.1 and 12.0

By Guru baran

Citrix permanent fixes

Citrix released permanent fixes for CVE-2019-19781 Flaw in ADC 11.1 and 12.0, which would allow an unauthenticated remote attacker to execute arbitrary code on the vulnerable system.

The vulnerability was discovered by Dmitry Serebryannikov from Positive Technologies and the severity of the vulnerability is high. The following are the affected versions.

  • Citrix ADC and Citrix Gateway version 13.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.1 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 all supported builds
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

Permanent Fixes Released

Citrix releases permanent fixes for ADC versions 11.1 and 12.0 and it can be downloaded from here and here.

The fixes applicable for “Citrix ADC and Citrix Gateway Virtual Appliances (VPX) hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance (SDX). SVM on SDX does not need to be updated.”

“It is necessary to upgrade all Citrix ADC and Citrix Gateway 11.1 instances (MPX or VPX) to build 11.1.63.15 to install the security vulnerability fixes. It is necessary to upgrade all Citrix ADC and Citrix Gateway 12.0 instances (MPX or VPX) to build 12.0.63.13 to install the security vulnerability fixes.”

Citrix ADC and Citrix Gateway
VersionRefresh BuildRelease Date
10.510.5.70.x24th January 2020
11.111.1.63.1519th January 2020 (Released)
12.012.0.63.1319th January 2020 (Released)
12.112.1.55.x24th January 2020
13.013.0.47.x24th January 2020
Citrix SD-WAN WANOP  
ReleaseCitrix ADC ReleaseRelease Date
10.2.611.1.51.61524th January 2020
11.0.311.1.51.61524th January 2020

Urgent Patch Required

Since the PoC released attackers started exploiting the flaw to install backdoors on the vulnerable machines. Citrix urges users to apply the fix immediately.

Once the patches applied, you can use the verification tool to ensure the patches have been applied correctly.

Also, CISA released a test tool for administrators and users to check for Citrix Application Delivery Controller (ADC) and Citrix Gateway vulnerability. The tool can be downloaded from GitHub.

Related Coverage

  1. CISA Releases Test Tool for Citrix ADC and Gateway Vulnerability – Sysadmins Can Test Now
  2. PoC Exploit Code Released for Citrix ACD and Gateway Remote Code Execution Vulnerability
  3. Hackers Scanning for Citrix Servers Vulnerable to Remote Code Execution
  4. Critical Vulnerability in Citrix Products Let Hackers Access to 80,000 Companies Internal Network

Managed WAF Protection

Website

Latest articles

cyber security

BlueNoroff: New Malware Attacking MacOS Users

Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT...
cyber security

Serpent Stealer Acquires Browser Passwords and Erases Intrusion Logs

Beneath the surface of the cyber realm, a silent menace emerges—crafted with the precision...
Cyber Attack

Doppelgänger: Hackers Employ AI to Launch Highly sophistication Attacks

It has been observed that threat actors are using AI technology to conduct illicit...
cyber security

Kali Linux 2023.4 Released – What’s New!

Kali Linux 2023.4, the latest version of Offensive Security's renowned operating system, has been...
cyber security

Trickbot Malware Developer Pleads Guilty & Faces 35 Years in Prison

A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware....
cyber security

ICANN Launches RDRS to Assist Law Enforcement Agencies to Discover Private Info

ICANN is a non-profit organization that is responsible for coordinating the global internet's-DNSIP address...
cyber security

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...
Guru baran
Guru baranhttps://gbhackers.com

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Register Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

[email protected]