Insecure Permissions in Citrix Workspace App for Windows
CVE-2020-13885
7.8HIGH
Key Information:
- Vendor
Citrix
- Status
- Vendor
- CVE Published:
- 8 June 2020
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2020-13885?
Citrix Workspace App for Windows prior to version 1912 contains a vulnerability that allows local users to exploit insecure permissions during the application’s uninstallation process. This security issue provides an opportunity for unauthorized privilege elevation, enabling users to perform actions that could compromise system integrity. It is essential for users to ensure their applications are up-to-date to mitigate potential risks associated with this vulnerability.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.