UPDATE: Citrix delivers more security fixes, urges instant deployment

By on
UPDATE: Citrix delivers more security fixes, urges instant deployment

Citrix has delivered permanent fixes for a series of serious flaws in its products.

News of the bugs emerged just before Christmas 2019, during CRN Australia’s summer break. Sibling publication iTnews revealed the problem: CVE-2019-19781 impacted Citrix application delivery controllers and SD-WAN products and meant attackers could access a victim’s LAN over the internet.

Citrix has rushed out mitigations that harden its products, but attackers have already started to exploit the problem. The vendor delivered some patches, for ADCs, earlier this week. 

News posted today detailing permanent patches for SD-WAN WANOP products will therefore be welcomed by Citrix partners and end-customers alike.

The patches can be found here and will require an upgrade to recent versions of Citrix code. Citrix has also provided an assessment tool, here.

Today’s releases don’t end the saga, because a patch is still a couple of days away for some versions of Citrix ADC and Citrix Gateway.

Citrix says “we strongly encourage customers to apply the permanent fixes as soon as possible.”

CRN hopes that won’t spoil the Australia Day long weekend for our readers.

UPDATE, JAN 24th. Citrix has now released final patches for ADC and Gateway products. Details of the new releases can be found here.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

What's your top marketing tactic for 2020?
Long lunches with customers and prospects
Content marketing to drive website visits
Social media
More use of CRM
Word of mouth
Online ads
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?