Citrix issues fix for bug that left 80,000 organisations exposed to cyberattacks

Citrix issues fix for bug that left 80,000 organisations exposed to cyberattacks
Citrix issues fix for bug that left 80,000 organisations exposed to cyberattacks

Just as many IT admins were beginning to head home for Christmas last year, researchers disclosed a major bug in Citrix’s Application Delivery Controller. This bug, known as CVE-2019-19781, has now received a permanent fix, according to Citrix. 

More than 80,000 organisations were at risk of cyberattack due to CVE-2019-19781, which is a directory traversal security flaw that can be exploited for the purposes of arbitrary code execution. Citrix understood the severity of the flaw, and while it didn’t have an initial fix when the bug was announced to the public, it did work diligently to reduce the risk to organisations. 

When the bug was first disclosed, Citrix produced a mitigation guide to assist IT admins in ensuring their servers remained protected. It also launched a scanning tool in conjunction with FireEye Mandiant, which allowed IT admins to scan their servers to check if they were vulnerable to this particular attack. Now, however, permanent fixes are finally available. 

Updates are rolling out to Citrix ADC and Citrix Gateway versions 12.1 and 13.0, and Citrix is urging IT admins to install these patches as soon as possible. In fact, the firm is waiving the requirement of having maintenance contracts with Citrix, and is allowing anyone and everyone access to the patches. 

These latest updates are in addition to the patches that were released earlier for other ADC and Gateway builds, as well as Citrix SD-WAN users. 

Despite the update being formally available, Citrix is still urging IT admins to utilise its free tool. In a statement on the company’s blog, it noted, “In addition to immediately installing these fixes, we encourage all customers to use the free Indicator of Compromise Scanning tool that we teamed up with FireEye Mandiant to launch this week. 

“This tool is available under the Apache 2.0 open source license, and provides customers with increased awareness of potential compromise related to the CVE-2019-19781 vulnerability on their systems. The tool is designed to allow customers to run it locally on their Citrix instances and receive a rapid assessment of potential Indicators of Compromise based on known attacks and exploits. The tool is freely accessible in the Citrix GitHub Repository.”