PT-2020-01: Arbitrary code execution in Citrix ADC Citrix Application Delivery Controller (ADC) and GatewaySeverity:Severity level: High Impact: Arbitrary code execution in Citrix ADC Access Vector: RemoteCVSS v3 Base Score: 9.8 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVE: CVE-2019-19781Vulnerability description:This vulnerability allows an unauthorized, remote attacker to execute malicious code on the system, obtain unauthorized access to published applications, and attack intranet resources of the target organization via Citrix servers.Advisory status:05.12.2019 - Vendor gets vulnerability details 19.01.2020, 22.01.2020 23.01.2020, 24.01.2020 - Vendor releases fixed version and detailsCredits:The vulnerability was discovered by Mikhail Klyuchnikov, Positive Technologies