Citrix over the last six days has been releasing firmware updates to fix CVE-2019-19781, a critical remote code execution vulnerability in its Citrix Application Delivery Controller, Citrix Gateway and SD-WAN WANOP products, which cybercriminals have actively exploited in an attempt to deliver ransomware, backdoors and coin miners.
The Fort Lauderdale, Fla.-based software company has now patched versions 11.1, 12.0, 12.1 and 13.0 of Citrix ADC and Citrix Gateway (formerly branded as NetScaler ADC and NetScaler Gateway), and expects to issue a fix for version 10.5 today.
Citrix also has issued releases 10.2.6 and 11.0.3 to repair the SD-WAN WANOP WAN Optimization solution, which comes with Citrix ADC packaged and was therefore also affected by the bug. These fixes apply to the SD-WAN 4000-WO, 5000-WO, 4100-WO, and 5100-WO platforms. (All other SD-WAN PE and SD-WAN SE platforms are not impacted by the vulnerability.)
Citrix has also issued a pair of helpful tools for its users, one that ensures the patch has been successfully applied and another that ..
Support the originator by clicking the read the rest link below.
