KALI

PoC Exploit Code Released for Citrix ACD and Gateway Remote Code Execution Vulnerability

Citrix remote code execution vulnerability was published last month, the vulnerability can be tracked as CVE-2019-19781.

It may create a serious threat for organizations deployed with Citrix Application Delivery Controller and gateway.

An advisory was released by Citrix detailing the configuration changes to mitigate the vulnerability. The following are the affected versions.

  • Citrix ADC and Citrix Gateway version 13.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.1 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 all supported builds
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

Citrix believed to be used in more than 80,000 companies around the globe, the vulnerability could pose a serious threat for organizations.

Attackers Scan For Vulnerability

A couple of days before researchers observed that attackers started scanning for the vulnerability, the scans include simple to dangerous requests.

Citrix Remote Code Execution – PoC Published

A Security researchers group with handle projectzeroindia published the first working exploit code for the vulnerability.

Following that TrustedSec published the exploit code, TrustedSec said that they have the tool developed earlier but they opted to have private, as other researchers published code, they too released.

MDSsec released a video demonstration explaining how the vulnerability can be exploited, but the code was not published.

Shodan has added detection for the Citrix vulnerability (CVE-2019-19781).

After the PoC code published a huge spike detected on honeypots, attackers started using public exploits to install backdoors.

Guru baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed light on the growing concerns within…

1 hour ago

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse engineering .NET malware.  The write-up outlines…

2 hours ago

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting the growing, widespread use and potential…

16 hours ago

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such…

17 hours ago

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and education. The latest update, Wireshark 4.2.4,…

19 hours ago

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered platform designed to redefine how we…

19 hours ago