An estimated 80,000 companies throughout 158 countries could be affected by vulnerabilities in software from Citrix, according to Bankinfosecurity.com.
Researchers at Positive Technologies discovered the vulnerabilities in Citrix Application Controller and Citrix Gateway. If exploited, an unauthorized third party could access published applications and other internal resources.
Since being notified of the vulnerabilities in December, Citrix has released patches. The software company recommends configuration changes be made to stand-alone systems.
"Citrix applications are widely used in corporate networks," said Dmitry Serebyannikov, director of security auditing at Positive Technologies, to Bankinfosecurity.com. "This includes their use for providing terminal access of employees to internal company applications from any device via the internet. Considering the high risk brough by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat."