Remote Code Execution Vulnerability in Citrix Secure Access Client for Ubuntu
CVE-2023-24492

9.6CRITICAL

Key Information:

Vendor: Citrix
Status: Citrix Secure Access Client For Ubuntu
Vendor: CVE Published:; 11 July 2023

Summary

A serious vulnerability affects the Citrix Secure Access Client for Ubuntu, where an attacker could potentially execute arbitrary code on the victim's system. This exploitation could occur through an attacker-crafted link that, if opened by the user, leads to executing malicious commands after the user accepts prompts. This vulnerability underscores the importance of caution when interacting with unknown links and maintaining updated security protocols.

Affected Version(s)

Citrix Secure Access client for Ubuntu Linux 0 < 23.5.2

References

https://support.citrix.com/article/CTX564169/citrix-secur...

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Jan 24, 2023