Threat Intelligence Update
Updated: Sep 20, 2020
Vulnerabilities in Citrix NetScaler ADC and Citrix Netscaler Gateway, first reported in December 2019 are being successfully exploited by attackers, compromising numerous organisations.
Citrix NetScaler ADC and Citrix Netscaler Gateway allows unauthenticated attackers to perform arbitrary code execution. Citrix released an Advisory (CVE-2019-19781) on the day of the announcement, comprising of mitigation steps that can help guard against the possibility of attack.
However, many organisations are yet to apply the update and with active exploit code now circulating on the internet, organisations remain at critical risk. Compromised systems cannot be remediated by applying the fix. Once malicious actors establish a foothold on an affected device, their presence remains even though the original attack vector has been closed.