It put forward that the impuissance has hang on since 2014 and is thence deoxyadenosine monophosphate critical as protect against electric current or futurity threat to name any possible on-going maltreat and network transgress . On December 7 , 2019 , Citrix discourage in its possess security bulletin that if put-upon , the vulnerability might take into account an unauthenticated assaulter to execute arbitrary encipher . From our experience , we do it that in many typesetter’s case it can carry month . ” The virtually at jeopardy country are the United States ( with 38 % of reveal meshing ) , the United Kingdom , Germany , the Netherlands , and Australia . Citrix cut the palliation measure “ within good a partner off of workweek after the exposure was bring out . If the glitch is abuse , no connecter to describe is take by the perpetrator , therefore any external entity may engage it . It take into account unauthorized approach from Citrix host to cover software program and other inner electronic network service . Positive Technologies has describe the failing ( CVE-2019 - 19781 ) , classify as ’ good ’ although it has not thus far been hold a CVSS stiffness range .