de | English
IT Security Jan 14, 2020

Netscaler flaw put companies at risk.

In December, a dangerous security vulnerability was discovered in Cisco NetScaler series devices that has proved very easy to exploit. As of yet, there is no update available meaning users urgently need to change their configuration.

Share article

Critical security vulnerabilities in Citrix NetScalers.

If you run a Citrix Application Delivery Controller (ADC) and / or gateway, please note the following information: An exploit code for a “critical” security gap (CVE-2019-19781) has been discovered. Scans for vulnerable appliances are also increasing. Unauthenticated attackers can attack devices remotely and run their own code relatively easily. The exploit now makes this attack scenario more realistic and there is an urgent need to act.

 

In order to secure networks, Cisco’s workaround should be implemented immediately as there is not yet a security patch. Cisco has, however, announced a secure version for the end of January. The workaround can be found here: https://support.citrix.com/article/CTX267679

 

Workaround cannot reverse damage.

While working on solving the security issue, we came across many appliances that had already been compromised. Once compromised, the workaround linked to above cannot reverse the damage and in some circumstances, this compromise must also be reported in accordance with the Data Protection Regulation. Whether this is the case or not can only be ascertained with forensic investigation of the appliance.

 

Our advice: Get expert support now!

jens-loecke.png
Jens Löcke
Teamleiter Modern Workplace