emPSN - East Midlands Public Services Network 01604 879869
Back to Knowledge Base
Active exploitation of Citrix ADC and Gateway `vpns`

Active exploitation of Citrix ADC and Gateway `vpns`

We have been offered advise from our Security partners Dell SecureWorks outlining that their Counter Threat Unit (CTU) researchers are monitoring reports of proof-of-concept code for a Citrix ADC and Gateway `vpns` directory traversal vulnerability (CVE-2019-19781). Unauthenticated attackers could leverage this flaw to execute arbitrary code. The research team has observed attempts to exploit this vulnerability.

Recommended actions:

Clients should review the workaround provided by Citrix and apply updates when available.

References:

Back to Knowledge Base