CVE-2019-19781 – What you should do and what’s happening around

On 17 December 2019, Citrix identified a vulnerability that could allow an unauthenticated attacker to perform arbitrary code execution in Citrix ADC (Application delivery Controller) or NetScaler ADC or NetScaler Gateway. This vulnerability affects Citrix ADC and VPX on any host/SDX. Further investigation by Citrix has shown that this issue also affects certain deployments of Citrix SDWAN, specifically Citrix SDWAN WANOP edition. The vulnerability has been assigned CVE number – CVE-2019-19781. Citrix has released mitigation steps that every customer with affected appliance should apply until a fixed refresh build is available. Keep track of the timelines at https://support.citrix.com/article/CTX267027 or you […]