IT disaster recovery, cloud computing and information security news

Daisy

Failed to fix the Citrix software vulnerability? Your internal network can be breachable within a minute

A month and a half after Positive Technologies released its overview of a critical vulnerability in Citrix software, one out of every five companies have still not taken any action to fix this vulnerability. This is evident from threat intelligence from Positive Technologies.

Critical vulnerability CVE-2019-19781 in Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) was discovered in December by Positive Technologies expert Mikhail Klyuchnikov. According to Positive Technologies’ data as of the end of 2019, the greatest number of potentially vulnerable organizations is located in the USA (over 38 percent of all vulnerable organizations), as well as in Germany, Great Britain, the Netherlands, and Australia. On January 8th, 2020, an exploit was released. It allows the potential attacker to perform automatic attacks against companies that failed to fix the vulnerability.

"The Citrix developers planned to resolve the issue on January 27th through January 31st, but released a series of patches for various product versions a week before that. The necessary update must be installed as soon as possible. Until then, follow the security recommendations by Citrix, available since the information about the vulnerability was released," says Alexei Novikov, Director of PT Expert Security Center.

Overall, the vulnerability is being fixed quickly, but 19 percent of companies are still at risk. The countries with the greatest numbers of vulnerable companies currently include Brazil (43 percent of all companies where the vulnerability was originally detected), China (39 percent), Russia (35 percent), France (34 percent), Italy (33 percent), and Spain (25 percent). The USA, Great Britain, and Australia are protecting themselves quicker, but they each have 21 percent of companies still using vulnerable devices without any protection measures.

If the vulnerability is exploited, attackers obtain direct access to the company's local network from the Internet. This attack does not require access to any accounts, and therefore can be performed by any external attacker. As a result, the internal network can be breachable within a minute, says Positive Technologies.

ptsecurity.com



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.