Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA
CVE-2023-24483
7.8HIGH
Key Information
- Vendor
- Citrix
- Status
- Citrix Virtual Apps and Desktops
- Vendor
- CVE Published:
- 16 February 2023
Summary
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
Affected Version(s)
Citrix Virtual Apps and Desktops < 2212
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database