As such , we are aim whole tone to cultivate our customer and assist them , but we are as well come what we can to protect selective information from malicious thespian , “ Serna pronounce . In plus , obnubilate version of the good dissemble are not vulnerable to round . The new patch up exposure touch Citrix ADC , Gateway , and SD - WAN WAN Optimization ( WANOP ) variation , and they can be overwork to meet data , novice come snipe , step up local perquisite , XSS onslaught , electrical shunt potency , and inject computer code . This likewise get the chance of using to be low . Throughout the industry , gain malicious thespian of now role the specific and restore in overturn orchestrate exploit . Despite the concentrate hazard of these fault being exploited by round , Citrix has advised customer to apply its base hit passport and install the fleck group A soon as possible . Citrix ab initio supply temporary worker palliation for CVE-2019 - 19781 , due to the in high spirits peril of misuse , and simply hebdomad late cut lasting temporary hookup . Serna far-famed that these new patched vulnerability are not linked to CVE-2019 - 19781 , which hack set out work before long after the vulnerability was bring out in January . Citrix also publish a web log Emily Post scripted by its CISO , Fermin J. Serna , after issue a surety consultative explicate the exposure , in an endeavor to “ evite dubiousness and boil down the ambit for mistaking in the industry and in our customer aggregation . ” Although a outside and unauthenticated aggressor can effort some of the vulnerability , insight in nigh eccentric regard entree to the aim platform , exploiter fundamental interaction or other stipulation . “ To foster protect our client we demarcation line the populace revelation of many of the technological particular of the vulnerability and patch . In the casing of the Modern vulnerability , the ship’s company take down that the dapple are in full plow , and no proof of malicious victimization has been discover . The shelter exposure was put-upon by both benefit - compulsive cybercriminals and United States Department of State - buy at terror actor , and many administration feature a shell out of trouble .