A lot of Awingu customers are former Citrix users. On occasion we have customers that decide to keep their existing Citrix Netscaler and run it in combination with Awingu. For example for L4-L7 load balancing, SSL Offloader or WAN optimization. Awingu has a very open architecture and is little intrusive; as such allows these combined uses. It’s important to note that organizations must in no way stick to their Netscaler deployment to leverage Awingu.
Awingu is a turnkey Unified Workspace solution. It makes legacy RDP-based apps and desktops available in HTML5 in a browser, has a built-in reverse proxy and enables Single Sign-On. Built-in in Awingu are features that provide;
- SSL offloading (but it is also compatible with external SSL offloaders)
- Single Sign-On
- Load balancing
- Multi-Factor Authentication
It’s important our customers are aware of vulnerability CVE-2019-19781 which impacts both Citrix ADC and Gateway. The vulnerability was announced in Dec 17th 2019. At the time of this writing (Jan 17th 2020) there is no patch available yet, and is not to be expected before Jan 20th 2020 (for versions 11.1 and 12). Patches for version 10.5, 12.1 and 13 will come as of Jan 27th 2020.
What is the threat?
“The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system,” said Qualys researchers in an analysis last week. “Once exploited, remote attackers could obtain access to private network resources without requiring authentication.”
The vulnerability is severe. The National Cyber Security Centre (NCSC) from the Ministry of Justice and Security in the Netherlands gave it a score of 9.8/10 on a scale from 1 to 10.
Three weeks after the vulnerability was announced, “Proof-of-Concept” exploits started to hit the streets. Days later, messages started to pop-up of impacted businesses such as Medisch Centrum Leeuwarden in the Netherlands.
Estimated number of businesses that are impacted are between 25000 and 80000. The numbers vary based on the source, e.g. see Positive Technologies and Bad Packets. While there is a widespread in these numbers… for sure a lot of businesses are impacted. Most of them based in the US, UK & Germany (no doubt strong Citrix markets).
Want to understand how Awingu works? Have a look at our architecture and solution pages.
Citrix’ mitigation actions
In anticipation of the patch delivery, we strongly advice our customers (and obviously all Netscaler users) to follow the mitigation procedures as set forth by Citrix. It can be found here: https://support.citrix.com/article/CTX267679
Want to find out more and see Awingu in action? Reach out to us!
About the author
Sources
- https://nvd.nist.gov/vuln/detail/CVE-2019-19781
- https://blog.qualys.com/laws-of-vulnerabilities/2020/01/08/citrix-adc-and-gateway-remote-code-execution-vulnerability-cve-2019-19781
- [https://nos.nl/artikel/2318528-waarschuwing-voor-hacks-bij-citrix-servers-na-beveiligingslek.html
- https://nos.nl/artikel/2318734-hackpoging-ziekenhuis-leeuwarden-ncsc-vreest-aanvallers-in-meer-systemen.html
- https://support.citrix.com/article/CTX267679
English 
Italian 
German 
Spanish 
French