To help our customers assess the security of their Citrix ADC and Citrix Gateway devices, we have added a new tool on Pentest-Tools.com to detect the recent RCE vulnerability (CVE-2019-19781).
Here’s how a sample report of the scan looks like:
When successfully exploited, the vulnerability could allow an attacker to execute arbitrary code on the vulnerable Citrix device without any account or authentication credentials required.
A deep dive into this topic has been performed by the security researchers at MDSec, and they’ve shown how this vulnerability can be exploited in their write-up.
The vendor hasn’t released yet an official patch for CVE-2019-1978 (it’s expected at the end of January), but it strongly advises all customers to apply the specific mitigation measures listed for every Citrix device impacted.
To check if your Citrix device is affected by this vulnerability, we recommend using our Citrix Vulnerability Scanner.