Citrix and FireEye Mandiant launch Forensic Assessment Tool
Citrix is pleased to announce the availability of a new threat detection tool related to the previously announced vulnerability, CVE-2019-19781, which affects certain versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP. This tool is available in both Citrix and Mandiant GitHub repositories. Citrix recommends using this tool as soon as possible.
At Citrix, the safety of products, services and the business environment is paramount. Citrix takes vulnerabilities in products and services very seriously and deploys all resources to protect its customers, applying robust security policies and procedures to ensure that vulnerabilities and incidents are effectively identified and addressed and their impact minimized.
Last month, Citrix advised customers on a vulnerability detected in Citrix® Application Delivery Controller (ADC) and Citrix Gateway which, if exploited, could allow an non-authenticated attacker to execute random code.
Citrix immediately started its security response process, which includes the analysis of variants and the development of vulnerability removal measures. Because of the increased risk of data breaches and the negative effects this can have on organizations, Citrix published a security advice with detailed measures. These mitigation or removal measures include all supported versions and include detailed steps to stop a potential attack in all known scenarios.
Citrix is currently working on the development of permanent solutions. As with any procedure of this nature, and in accordance with their policies and procedures, these fixes need to be extensively and thoroughly tested. Citrix expects to make them available for supported versions as follows:
- 13 - 27-Jan-2020
- 12.1 - 27-Jan-2020
- 12 - 20-Jan-2020
- 11.1 - 20-Jan-2020
- 10.5 - 31-Jan-2020
There have been reports of scanning the network to detect the presence of this vulnerability. Since many implementations are behind the firewall, Citrix believes that a limited number of devices are vulnerable. Citrix recommends that all customers using Citrix ADC and/or Citrix Gateway deploy the released measures and follow all steps.
Citrix remains committed to the security of its solutions and will continue to provide updates on CVE-2019-19781and support customers in managing the vulnerability through their. product support knowledge center. To receive automatic updates, please visit the Knowledge https://support.citrix.com/user/alerts.