Citrix Application Delivery Controller and Citrix Gateway servers were found to contain a security vulnerability in December. Affected organisations include government and military agencies, public universities, hospitals, and financial institutions. The vulnerability is officially called CVE-2019-19781 but also goes by the more colloquial moniker of Shitrix Citrix has not yet released a patch for the critical vulnerability. Instead the company has detailed a series of mitigation steps until permanent fixes are made available hopefully by the end of the month.”]
Source: https://grahamcluley.com/shitrix-unpatched-citrix-vulnerability/