The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway. A remote attacker could exploit this vulnerability to run arbitrary code on a targeted system. This vulnerability was detected in exploits in the wild.
The UCLA IT Security Team encourages departments using Citrix products to review CERT/CC’s Vulnerability Note VU#619785 and Citrix Security Bulletin CTX267027 for more information and workarounds.
CITRIX has recently published up-to-date mitigation information at the following link: https://support.citrix.com/article/CTX267679.