The vulnerability, known as CVE-2019-19781, was disclosed on 17 December 2019 and enables an unauthenticated adversary to execute arbitrary code.
Due to active exploitation of this vulnerability, organisations running the affected applications that did not implement Citrix’s mitigations before 11 January 2020 should attempt to identify and remediate successful exploitation of their Citrix servers. Advice is provided in the Detecting Compromise and Remediating Compromise sections below.