Local Privilege Escalation Vulnerability in Citrix Workspace App for Windows
CVE-2024-6286

7.8HIGH

Key Information:

Vendor: Citrix
Status: Citrix Workspace App For Windows
Vendor: CVE Published:; 10 July 2024

What is CVE-2024-6286?

A local privilege escalation vulnerability exists in the Citrix Workspace app for Windows, enabling a low-privileged user to elevate their permissions to SYSTEM level. This flaw presents significant security risks as it could allow unauthorized access to sensitive system functions and data. It is vital for organizations using this software to apply relevant patches and maintain secure operational practices to mitigate the risks associated with this vulnerability.

Affected Version(s)

Citrix Workspace app for Windows 2403 < 1

Citrix Workspace app for Windows 2402 LTSR < 0

References

https://support.citrix.com/article/CTX678036

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2024
Vulnerability Reserved
Jun 24, 2024