How to Protect Yourself Against the Most Recent Citrix Vulnerability
Late last month Citrix disclosed a critical security hole (CVE-2019-19781) in both its Application Delivery Controller and Unified Gateway (formerly known as Netscaler ADC and Netscaler Gateway) offerings. Up to 80,000 systems were thought to be at risk, with some 25,000 instances found online over the weekend.
Those admins who haven't put mitigations in place by now will want to make sure they address their situation immediately, as infosec researchers have now publicly shared working exploit code for the remote takeover bug. The proof-of-concept code can be used to trivially achieve arbitrary code execution with no account credentials – hijack systems, in other words – via a directory traversal.
At Tranquil IT our goal is to produce scientifically designed, intuitive IT solutions which offer our clients the competitive advantage in business.
We aim to provide the highest level of support for both our own hardware range and for any other types of IT hardware our customers require, leaving them free of the frustration and financial burden associated with traditional IT solutions.