News outlets are covering a critical vulnerability which has been identified in Citrix Application Delivery Controller and Citrix Gateway (formerly known as NetScaler ADC and NetScaler Gateway), that, if exploited, could allow an unauthenticated attacker (anyone on the internet) to perform arbitrary code execution, potentially including launching remote access sessions or Citrix published applications. The vulnerability affects all platforms and [NetScaler] ADC versions since v10.5.

Citrix is working on releasing firmware patches to permanently correct the vulnerability; in the meantime, Citrix and IPM are strongly recommending all Citrix ADC/NetScaler customers to immediately apply the temporary mitigation that has been provided by Citrix ( https://support.citrix.com/article/CTX267679 ) to protect their applications and network from attacks. Customers may apply the mitigation steps themselves if they are comfortable doing so. It does require using the CLI and rebooting the affected appliances, so IPM is also on standby to assist customers should they require it. The mitigation does require using the CLI and rebooting the affected appliances, so we are on standby should you require any assistance. Please let us know if you plan on applying the mitigation yourselves or if we can be of service.

 

Reference: https://www.theregister.co.uk/2019/12/23/patch_now_published_citrix_applications_leave_network_vulnerable_to_unauthorised_access/

https://support.citrix.com/article/CTX267027