Hackers can use vulnerabilities (CVE-2019-19781) in Citrix’s Application Delivery Controller (NetScaler ADC) and Gateway (NetScaler Gateway) to sneak into the company’s intranet. The vulnerability was discovered by Mikhail Klyuchnikov of Positive Technologies. It is estimated that 80,000 companies in 158 countries are at risk, most of which are in the United States (38%), followed by the United Kingdom, Germany, the Netherlands, and Australia.
“If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore can be performed by any external attacker.,” wrote a post from Positive Technologies.
The vulnerability affects all versions of the product and all platforms that support the product, including Citrix ADC and Citrix Gateway 13.0, 12.1, 12.0, 11.1, and 10.5. Experts point out that because hackers can exploit the vulnerability without stealing accounts, all hackers can obtain products and intranet resources in the server without authorization.
Citrix can be used to connect workstations and business-critical systems. Because Citrix can be used through the intranet, hackers may attack intranet resources from the server through vulnerabilities. Citrix has released the patch, and they recommend that users update all vulnerable software versions. Positive Technologies states that the vulnerability was introduced in Citrix software in 2014.