© 2021 www.richardwalz.com
Richard Walz
All rights reserved.

Critical Updates – 2019 December

Updates

  • Citrix has published the update firmware for all the NetScaler Appliances

Citrix — CVE-2019-19781

Citrix has posted a Security Advisory in which their NetScaler and ADC controllers are vulnerable RCE flaw by an unauthenticated user to gain root-level access. Be sure to apply the mitigation responder policy ASAP. Firmware updates are not available at the present time.

My review of the mitigation rule policy suggests this will be trivial for attackers to exploit in the near days and weeks.

Note: Unsupported End of Life old versions of the software may also be affected, even though those versions are not listed and/or patches available.