Citrix Virtual Apps and Desktops 2212 and later versions. ![]() RecommendationsĬERT-EU highly recommends installing the latest updated versions as soon as possible: The following versions are affected by these vulnerabilities:ĬVE-2023-24483 - Citrix Virtual Apps and Desktops before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.ĬVE-2023-24484 - Citrix Workspace App for Windows before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.ĬVE-2023-24485 - Citrix Workspace App for Windows before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.ĬVE-2023-24486 - Citrix Workspace App for Linux before 2302. ĬVE-2023-24486: Improper access control flaw leading to session takeover. ĬVE-2023-24485: Improper access control flaw leading to privilege escalation. ĬVE-2023-24484: Improper access control flaw allowing log files to be written to a directory that should be out of reach for regular users. Technical DetailsĬVE-2023-24483: Improper privilege management flaw leading to privilege escalation to NT AUTHORITY\SYSTEM. It is then highly recommended to install the last security updates. If exploited, these vulnerabilities could enable attackers to elevate their privileges and take control of the affected system, but they need local access to the target. On February 14, 2023, Citrix released Security Bulletins regarding severe vulnerabilities affecting its Citrix Workspace, Virtual Apps and Desktops.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |