Cybersecurity Threat Advisory 0045-20: Citrix Vulnerabilities Affecting ADC, Gateway, and SD-WAN WANOP Appliances


Advisory Overview

Citrix has issued a security patch for multiple gateway devices that were found to have security flaws. These security issues are reportedly unrelated to the previously released CVE-2019-19781. SKOUT advises updating any affected devices to the latest version.

Technical detail and additional information

What is the threat?

Security researchers discovered multiple vulnerabilities in Citrix devices, ranging from cross-site scripting to privilege escalation. Of the 11 flaws found, Citrix states that there are six possible attack routes, five of which have barriers to exploitation. Additionally, Citrix states that there have been no indications of exploitation in the wild.

Why is this noteworthy?

Citrix remote access products represent a large portion of the market, meaning the weaponization of any vulnerability can have an enormous impact on businesses across the globe. Each flaw has been assigned its own CVE identifier and rating. For more information on the vulnerable products and a full listing of the flaws found, please refer to the table in the official Citrix bulletin at https://www.citrix.com/blogs/2020/07/07/citrix-provides-context-on-security-bulletin-ctx276688/

What is the exposure or risk?

The patch issued by Citrix fully remediates the issues discovered for all affected products. Furthermore, Citrix states that none of its cloud-based solutions are affected by the vulnerabilities. In the same bulletin, Citrix states that systems configured according to its recommendations are at significantly reduced risk compared to systems that are not.

What are the recommendations?

Citrix released a patch that remediates all the vulnerabilities found. SKOUT strongly recommends that our customers review the information provided by Citrix on the vulnerabilities and update if they are currently using any of the affected solutions.

References:

  • https://www.citrix.com/blogs/2020/07/07/citrix-provides-context-on-security-bulletin-ctx276688/
  • https://www.bleepingcomputer.com/news/security/citrix-fixes-11-flaws-in-adc-gateway-and-sd-wan-wanop-appliances/
  • https://threatpost.com/citrix-bugs-allow-unauthenticated-code-injection-data-theft/157214/

If you have any questions, please contact our Security Operations Center.