Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Appliance Security Update. Fixed builds have been released for all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP

ITS Advisory Number: 2020-092
Date(s) Issued: Monday, July 13, 2020
Subject: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Appliance Security Update. Fixed builds have been released for all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP.
Overview: 

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution, leading to system compromise, by an unauthenticated user on the management network.

THREAT INTELLIGENCE:

Various trusted third parties have identified increasing adversarial activity regarding these vulnerabilities.

Systems Affected: 
  • Citrix ADC and Citrix Gateway versions prior to 13.0-58.30

  • Citrix ADC and NetScaler Gateway versions prior to 12.1-57.18 and 12.1 releases

  • Citrix ADC and NetScaler Gateway versions prior to 12.0-63.21 and 12.0 releases

  • Citrix ADC and NetScaler Gateway versions prior to 11.1-64.14 and 11.1 releases

  • NetScaler ADC and NetScaler Gateway versions prior to 10.5-70.18 and 10.5 releases

  • Citrix SD-WAN WANOP versions prior to 11.1.1a

  • Citrix SD-WAN WANOP versions prior to 11.0.3d and 11.0 releases

  • Citrix SD-WAN WANOP versions prior to 10.2.7 and 10.2 releases

  • Citrix Gateway Plug-in for Linux versions prior to 1.0.0.137
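
A way to check an appliance inventory against the fixed builds listed above, as an added example that is not part of the advisory or of any Citrix tooling. It assumes build strings are written in the form the list uses, compares only within a branch, and treats each listed build as the first fixed build of its branch; the product keys, host names and inventory entries are constructed.

```python
import re

# First fixed build per (product, branch), copied from "Systems Affected".
FIXED = {
    ("adc", "13.0"): "13.0-58.30",   # "adc" covers Citrix ADC and Gateway
    ("adc", "12.1"): "12.1-57.18",
    ("adc", "12.0"): "12.0-63.21",
    ("adc", "11.1"): "11.1-64.14",
    ("adc", "10.5"): "10.5-70.18",
    ("wanop", "11.1"): "11.1.1a",
    ("wanop", "11.0"): "11.0.3d",
    ("wanop", "10.2"): "10.2.7",
    ("linux-plugin", "1.0"): "1.0.0.137",
}

def parse(version):
    """Turn '13.0-58.30' or '11.0.3d' into a tuple of (number, letter) pairs."""
    key = []
    for part in re.split(r"[.-]", version.strip()):
        m = re.fullmatch(r"(\d+)([a-z]?)", part)
        if not m:
            raise ValueError(f"unrecognised version string: {version!r}")
        key.append((int(m.group(1)), m.group(2)))
    if len(key) < 3:
        raise ValueError(f"need branch and build number: {version!r}")
    return tuple(key)

def assess(product, version):
    """Return 'vulnerable', 'fixed' or 'branch-not-listed' for one system."""
    key = parse(version)
    branch = f"{key[0][0]}.{key[1][0]}"
    fixed = FIXED.get((product, branch))
    if fixed is None:
        return "branch-not-listed"   # no fixed build on the page; review by hand
    return "vulnerable" if key < parse(fixed) else "fixed"

# Constructed sample inventory (hypothetical hosts and builds).
INVENTORY = [
    ("adc-dmz-01", "adc", "13.0-47.24"),
    ("adc-dmz-02", "adc", "12.1-57.18"),
    ("wanop-br-01", "wanop", "11.0.3c"),
    ("vpn-client-07", "linux-plugin", "1.0.0.98"),
    ("adc-lab-01", "adc", "13.1-4.43"),
]

def report(inventory):
    return {host: assess(product, build) for host, product, build in inventory}
if __name__ == "__main__":
    print(report(INVENTORY))
```

Systems reported as `branch-not-listed` are on a branch the advisory does not name and need a manual check against the vendor bulletin.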

RISK
GOVERNMENT
  • Large and medium government entities: High
  • Small government entities: High
BUSINESS
  • Large and medium business entities: High
  • Small business entities: High
Home Users: Medium
Description: 

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including: 

  • System compromise by an unauthenticated user on the management network.

  • System compromise through Cross Site Scripting (XSS) on the management interface.

  • Creation of a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, may result in the compromise of their local computer.

  • Denial of service against either the Gateway or Authentication virtual servers by an unauthenticated user (the load balancing virtual server is unaffected).

  • Remote port scanning of the internal network by an authenticated Citrix Gateway user. Attackers can only discern whether a TLS connection is possible with the port and cannot communicate further with the end devices.

  • In addition, a vulnerability has been found in Citrix Gateway Plug-in for Linux that would allow a local logged-on user of a Linux system with that plug-in installed to elevate their privileges to an administrator account on that computer. 

Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution, leading to system compromise, by an unauthenticated user on the management network.

Actions: 
  • After appropriate testing, immediately apply patches provided by Citrix to vulnerable systems.

  • Remind users not to download, accept, or execute files from untrusted or unknown sources.

  • Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.

  • Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.