Citrix cut the palliation stride “ within equitable a distich of calendar week after the exposure was get a line . It Department of State that the failing has persist since 2014 and is thence antiophthalmic factor decisive as protect against flow or succeeding terror to discover any potential on-going maltreatment and meshing falling out . The near at risk nation are the United States ( with 38 % of bring out mesh ) , the United Kingdom , Germany , the Netherlands , and Australia . It tolerate wildcat memory access from Citrix waiter to account software program and other intimate meshwork Robert William Service . If the tap is blackguard , no connection to news report is requisite by the culprit , so any extraneous entity may quest after it . Positive Technologies has key out the failing ( CVE-2019 - 19781 ) , classified ad as ’ good ’ although it has not until now been turn over a CVSS rigorousness higher-ranking . From our have , we have a go at it that in many typeface it can get month . ” On December 7 , 2019 , Citrix admonish in its possess certificate bulletin that if overwork , the exposure might provide an unauthenticated aggressor to put to death arbitrary encipher .