AppCheck Plug-in for Citrix Vulnerability CVE-2019-19781
Product / Research / Security Alerts / Posted December 18, 2019
Citrix Vulnerability Details
Citrix have released an advisory regarding CVE-2019-19781 which you can read in full here: Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
In short a vulnerability was identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix gateway formerly known as NetScaler Gateway. If exploited this vulnerability could allow an unauthenticated attacker to perform arbitrary code execution.
AppCheck Plug-in for CVE-2019-19781
AppCheck have released a plug-in to check for the above vulnerability. Specifically, the module will look to detect a remote code execution flaw in Citrix appliances.
What is Arbitrary Code Execution?
Arbitrary Code Execution (ACE) describes the ability to execute commands on a target. Once a hacker has successfully exploited this vulnerability they could gain access to the protected network without valid logon credentials. The attacker could issue commands, read or edit files and even priv-up to gain full control of a system.
As always, if you require any more information on this topic or want to see how AppCheck can help find vulnerabilities in your applications and infrastructure then please get in contact with us: firstname.lastname@example.org
Get started with Appcheck
No software to download or install.
Contact us or call us 0113 887 8380