Local Privilege Escalation Vulnerability in Citrix Secure Access Client for Windows
CVE-2023-24491

7.8HIGH

Key Information:

Vendor: Citrix
Status: Citrix Secure Access Client For Windows
Vendor: CVE Published:; 11 July 2023

What is CVE-2023-24491?

A vulnerability in the Citrix Secure Access Client for Windows allows attackers to escalate local privileges from a Standard User Account to NT AUTHORITY\SYSTEM. This can potentially enable unauthorized access to sensitive system-level resources, posing a security risk for environments relying on this client.

Affected Version(s)

Citrix Secure Access client for Windows Windows 0 < 23.5.1.3

References

https://support.citrix.com/article/CTX561480/citrix-secur...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Jan 24, 2023