Threat Intelligence
January 16, 2020

Codename Shitrix: attackers scramble to exploit CVE-2019-19781

Contributors: Content Team, Immersive

US-based software firm Citrix last month released an advisory for a vulnerability that existed in Citrix Application Delivery Controller and Citrix Gateway installations. Exploit code for the vuln (CVE-2019-19781) was released to the public on 10th January, at which time there was no official patch.

This is concerning for a company that was brutally attacked by hackers last year, with swathes of its customer data exposed online. Resecurity attributed that attack to Iranian-linked hacker group IRIDIUM – and if that interests you, our full breakdown of Iran’s cyber capability is available here.

Research groups have now posted proof-of-concept (PoC) exploit code for the recent vuln on GitHub, so all affected organizations should apply Citrix’s mitigation advice. Project Zero India released one exploit for the remote code execution flaw, while the other – dubbed Citrixmash – comes via security consulting firm TrustedSec.

And there are also reports suggesting that scanning activity has surged in recent days, which means it’s likely that attackers are now seeking systems to exploit.

At Immersive Labs we’ve created both red and blue team labs on Shitrix, so you can learn how to mitigate the vulnerability while also thinking like the bad guys. Check out our overview of the two labs below.

Blue Team lab

In this lab you will explore investigative techniques post-compromise by analyzing network traffic, identifying C2 commands and creating a Snort rule to detect future attacks.

Red Team lab

In this lab you will use the proof-of-concept code to exploit a vulnerable server and escalate your privileges to root.
