Alert: Citrix NetScaler Vulnerability
Posted on December 18, 2019 by John Rohland

ALERT

December 17, 2019 – A vulnerability has been identified in Citrix NetScaler versions 10.5 through the most recent version, 13.0. You can learn more about the vulnerability and how to mitigate it on the Citrix website.

Citrix strongly recommends that affected customers immediately apply the mitigation provided on its website (link above) until a permanent patch is available. If you need assistance in applying it, please reach out to EDCi; we are here to help.

Please contact our Technical Services Center at 1-800-332-3553.

January 20, 2020 – Additional information

The vulnerability has been identified. With an increased risk of vulnerability leaks and the potential for an uncoordinated disclosure, we highly recommend that you follow the mitigation steps released by Citrix. At this time, multiple groups have released working exploits for the Citrix ADC path traversal flaw. At first, two exploits were released; however, many variations of the exploit continue to be found.

Citrix has released mitigation steps for defense. The Citrix workaround (“patch”) is still your best defense at this time, until Citrix releases new firmware with the corrective actions built in. If you haven’t applied these mitigation steps yet, make sure your Citrix ADC has not already been compromised and apply the mitigation as soon as you can. If you need assistance in applying the mitigation, please contact EDCi’s Technical Services Center at 1-800-332-3553.

Resources

Citrix ADC Exploits are Public and Heavily Used. Attempts to Install Backdoor

Citrix Mitigation Steps

Citrix ADC Exploits: Overview of Observed Payloads