Security researchers discovered a critical Citrix vulnerability that could provide hackers unauthorized access to a company’s local network. At least 80,000 companies in 158 countries are potentially at risk. Citrix released a number of mitigating measures, in anticipation of a complete fix.
Two Citrix Products Open the Door to Hackers
Citrix is a digital workplace platform used by over 400,000 companies worldwide. The company offers a range of products related to desktop and application visualisation. These tools allow access to Windows desktops and applications independently of the machine they are run from, and from any device with any operating system.
The vulnerability was discovered by Positive Technologies security expert Mikhail Klyuchnikov in two Citrix products. Both Citrix’s Application Delivery Controller and Citrix’s Gateway open the door to hackers. The Citrix flaw stands out and is particularly dangerous because it is easy to exploit and does not require authentication. An attack can therefore be performed by any external party.
80,000 Companies in 158 Countries at Risk
An estimated 80,000 companies in 158 countries are at risk. The top five countries that are especially vulnerable to an attack because the number of organizations using the affected Citrix products are Australia, Germany, The Netherlands, the UK and the US.
The first vulnerable version of the software was release in 2014. It is important for companies to not only take the necessary measures to defend themselves against future attacks, but to also investigate the issue and detect any potential existing exploitation.
Immediate Action Needed
Positive Technologies recommends that information security professionals “take immediate steps to mitigate the threat”. They also praised Citrix for their quick response. “The vendor responded very promptly, by creating and releasing a set of risk mitigation measures within just a couple of weeks after the vulnerability was discovered. From our experience, we know that in many cases it can take months.”
Citrix is notifying customers and channel partners about this potential security issue. The company strongly urges affected customers “to immediately apply the provided mitigation measures”. Customers should then upgrade all their vulnerable appliances to a fixed version of the appliance firmware when released.