Citrix has found a new product that is vulnerable to the same security issue that affects Citrix Application Delivery Controller (ADC) and Citrix Gateway. The Dutch National Cybersecurity Centre (NCSC) says that companies should consider turning off Citrix appliances if the impact is acceptable. The vulnerability has a severity score of 9.8 out of 10 and was publicly disclosed by Positive Technologies on December 23, 2019. It does not require authentication and can allow arbitrary code execution to an attacker that is already on the internal network.
Source: https://www.bleepingcomputer.com/news/security/dutch-govt-suggests-turning-off-citrix-adc-devices-mitigations-may-fail/