Citrix releases final patches for critical CVE-2019-19781 security flaw
Credit:
computing.co.uk
Citrix has finally released the last permanent fixes for the CVE-2019-19781 security flaw for version 10.5 of the Citrix Application Delivery Controller (ADC). The company now claims to have released permanent fixes for all supported versions of ADC, Gateway and SD-WAN WANOP.
Citrix has urged organisations to "patch immediately" - presumably, over the weekend. The flaw enables remote, unauthenticated attackers to perform arbitrary code execution, with exploits already having been detected in the wild.
Indeed, German automotive parts maker Gedia was taken down with ransomware over the past week, with security researchers warning that the attackers cracked the company's network via vulnerable Citrix devices.