Vulnerablities

Citrix informed customers on Tuesday that its ADC, Gateway, and SD-WAN networking products have patched 11 vulnerabilities and highlighted that the flaws are not related to CVE-2019-19781, which was exploited in many attacks.

Citrix also published a blog post written by its CISO, Fermin J. Serna, after publishing a security advisory explaining the vulnerabilities, in an attempt to “evite uncertainty and reduce the scope for misinterpretation in the industry and in our customer collection.”

Serna noted that these newly patched vulnerabilities are not linked to CVE-2019-19781, which hackers began exploiting shortly after the vulnerability was published in January. The protection vulnerability was exploited by both profit-driven cybercriminals and state-sponsored threat actors, and many organizations had a lot of problems.

Citrix initially issued temporary mitigations for CVE-2019-19781, due to the high risk of misuse, and just weeks later issued permanent patches. In the case of the new vulnerabilities, the company noted that the patches are fully addressed, and no proof of malicious exploitation has been identified. This also finds the probability of exploitation to be smaller.

The newly patched vulnerabilities affect Citrix ADC, Gateway, and SD-WAN WAN Optimization (WANOP) version, and they can be exploited to gather information, initiate DoS attacks, escalate local privileges, XSS attacks, bypass authorization, and inject code.

SEE ALSO:
Flaws in cellular networks expose 4G and 5G devices to attacks by IMSI

Although a remote and unauthenticated attacker can exploit some of the vulnerabilities, penetration in most cases involves access to the targeted program, user interaction or other preconditions. In addition , cloud versions of the goods affected are not vulnerable to attacks.

Despite the reduced risk of these flaws being exploited by attacks, Citrix has advised customers to implement its safety recommendations and install the patches as soon as possible.

“To further protect our customers we limit the public disclosure of many of the technical details of the vulnerabilities and patches. Throughout the industry, advanced malicious actors of today use the specifics and fixes in reverse engineering exploits. As such, we are taking steps to educate our customers and help them, but we are also doing what we can to protect information from malicious actors, “Serna said.