  • Chandra Tandukar

Citrix CVE-2019-19781 and its mitigation steps

At the very beginning of 2020, Citrix revealed a vulnerability in the company's Application Delivery Controller and Gateway products that gave direct access to the local network behind the gateway, without any authentication, using a crafted web request. Citrix is a commercial virtual private network (VPN) gateway, formerly known as Netscaler, that is used by thousands of companies. Common Vulnerabilities and Exposures (CVE) has labelled the vulnerability CVE-2019-19781.

CVE describes CVE-2019-19781 as an issue discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 that allows Directory Traversal. The vulnerability was registered on 2019-12-13, but patches had not been released by mid-January 2020. NIST has also listed this vulnerability in the National Vulnerability Database and rated it critical, with a base score of 9.8.

Similarly, Bad Packets has frequently reported on events around the world that resulted from the untimely mitigation steps from Citrix. They state that this vulnerability is easy for an attacker to exploit using publicly available proof-of-concept code. Project Zero India and TrustedSec have demonstrated how to exploit this vulnerability. The risk associated with this vulnerability is that it could be used to spread ransomware and cryptocurrency-mining malware. There is also a potential for DDoS attacks if the same threat actor compromises multiple servers.
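Because the flaw is a directory traversal reached through a crafted web request, a practical first check on an exposed gateway is to scan its HTTP access log for traversal sequences, including percent-encoded ones. The Python below is an added example, not code from Citrix or from this post; the Common Log Format input, the hosts and the paths are constructed placeholders, not actual Citrix paths.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Common Log Format; hosts and paths are made up.
SAMPLE_LOG = """\
198.51.100.7 - - [11/Jan/2020:04:12:09 +0000] "GET /portal/../config/app.conf HTTP/1.1" 200 512
198.51.100.7 - - [11/Jan/2020:04:12:11 +0000] "POST /portal/%2e%2e/scripts/run.pl HTTP/1.1" 200 80
203.0.113.20 - - [11/Jan/2020:04:13:40 +0000] "GET /portal/%252e%252e/config/app.conf HTTP/1.1" 403 0
192.0.2.15 - - [11/Jan/2020:04:15:02 +0000] "GET /portal/index.html?v=1.2..3 HTTP/1.1" 200 2048
192.0.2.15 - - [11/Jan/2020:04:15:05 +0000] "GET /docs/release..notes.txt HTTP/1.1" 200 900
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def decode_fully(path, max_rounds=5):
    """Percent-decode repeatedly so double-encoded dots (%252e) are revealed."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def has_traversal(target):
    """True when any path segment of the request target is exactly '..'."""
    path = target.split("?", 1)[0]            # only the path part is checked
    path = decode_fully(path).replace("\\", "/")
    return ".." in path.split("/")            # 'release..notes.txt' is not a hit

def find_traversal_requests(log_text):
    """Return (ip, method, target, status, served) for each traversal request."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and has_traversal(m["target"]):
            status = int(m["status"])
            # A 2xx status means the server processed the request: triage first.
            hits.append((m["ip"], m["method"], m["target"], status, 200 <= status < 300))
    return hits

if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```

Hits answered with a 2xx status deserve attention first, since they show the request was processed rather than rejected.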


Solution:

On 23 Jan 2020, Citrix released a mitigation step to control this vulnerability. According to Citrix support, these are the steps to mitigate the vulnerability:

  1. For vulnerable WANOP devices, the same steps need to be applied to the Citrix ADC load balancer instance residing on the WANOP device.

  2. Navigate through Configuration (Overview) > Maintenance > Instances > Load Balancer in the WANOP GUI to locate the Citrix ADC instance and its associated details.

  3. The credentials for the ADC instance, which are assigned by the administrator during deployment, are required to apply the mitigation.

  4. Finally, the responder action and policy can be applied to a Standalone System, HA Pair, Cluster, or Admin Partition.

For more details about the mitigation steps, refer to the link below:



References

