A vulnerability has been identified in Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, as well as in Citrix Gateway, formerly known as NetScaler Gateway. This CVE-2019-19781 vulnerability, if exploited, could allow an unauthenticated party to perform arbitrary code execution. This issue impacts all ADC and ADC Gateway versions 10.5 through 13.0. A Knowledge Base article has already been developed about this issue, and Citrix would like to ensure that all customers and partners, that could potentially be affected by this issue are aware, especially during this busy holiday season. Please see this Citrix Knowledge Center article for reference and any questions.

As noted in this article, Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix.

Please also subscribe to bulletin alerts at https://support.citrix.com/user/alerts to be notified as new firmware becomes available.