Low-Privilege Escalation Threat Affects Citrix Workspace for Windows
CVE-2024-7890

7.3HIGH

Key Information:

Vendor: Citrix
Status: Citrix Workspace App For Windows
Vendor: CVE Published:; 11 September 2024

What is CVE-2024-7890?

A local privilege escalation vulnerability exists in Citrix Workspace app for Windows, allowing low-privileged users to elevate their privileges to SYSTEM level. This issue could expose sensitive systems and data, offering attackers the ability to execute malicious actions as a privileged user. Organizations using affected versions should take immediate steps to apply security patches and mitigate potential risks associated with this vulnerability.

Affected Version(s)

Citrix Workspace app for Windows Current Release (CR) 0 < 2405

Citrix Workspace app for Windows Long Term Service Release (LTSR) 0 < 2402 LTSR CU1

References

https://support.citrix.com/s/article/CTX691485-citrix-wor...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2024
Vulnerability Reserved
Aug 16, 2024