Lucene search
CitrixCTX477616HistoryFeb 14, 2023 - 4:01 p.m.
Citrix Virtual Apps and Desktops Security Bulletin for CVE-2023-24483
2023-02-1416:01:58
support.citrix.com
50
0.0004 Low
EPSS
Percentile
5.2%
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
The vulnerability has been given the following identifier:
| CVE ID | Description | Vulnerability Type | Pre-conditions |
|---|---|---|---|
| CVE-2023-24483 | Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA | CWE-269: Improper Privilege Management | Local access to a Windows VDA as a standard Windows user |
The vulnerability affects the following supported versions of Citrix Virtual Apps and Desktops:
Current Release (CR)
- Citrix Virtual Apps and Desktops versions before 2212
Long Term Service Release (LTSR)
- Citrix Virtual Apps and Desktops 2203 LTSR before CU2
- Citrix Virtual Apps and Desktops 1912 LTSR before CU6
In addition, customers using Citrix Virtual Apps and Desktops Service using any of the vulnerable versions of Citrix Virtual Apps and Desktops Windows VDA are affected and need to take action.
Related
prion
prion
Design/Logic Flaw
2023-02-16 18:15:00
nessus
nessus
cve
cve
CVE-2023-24483
2023-02-16 18:15:11
cvelist
cvelist
cisa
cisa
malwarebytes
malwarebytes
Update now! February's Patch Tuesday tackles three zero-days
2023-02-15 03:00:00