CVE-2024-6151 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges

🗓️ 10 Jul 2024 20:21:25Reported by CitrixType

Local Privilege escalation in Citrix Virtual Apps and Desktop

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the Virtual Delivery Agent component of the Citrix Virtual Apps and Desktops (CVAD) virtualization and delivery software (formerly XenApp and XenDesktop) allows a malicious individual to escalate their privileges.	26 Aug 202400:00	–	bdu_fstec
Circl	CVE-2024-6151	10 Jul 202423:54	–	circl
CISA	Citrix Releases Security Updates for Multiple Products	9 Jul 202412:00	–	cisa
Tenable Nessus	Citrix Virtual Apps and Desktops Privilege Escalation (CTX678035)	12 Jul 202400:00	–	nessus
CNNVD	Citrix Systems Virtual Apps and Desktops Security Vulnerability	10 Jul 202400:00	–	cnnvd
Citrix	Windows Virtual Delivery Agent for CVAD and Citrix DaaS Security Bulletin CVE-2024-6151	9 Jul 202411:49	–	citrix
Citrix	Citrix Virtual Apps and Desktop - Configuration, Policies and Security.	14 Jul 202400:00	–	citrix
CVE	CVE-2024-6151	10 Jul 202420:21	–	cve
EUVD	EUVD-2024-47295	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Citrix Workspace, NetScaler ADC and NetScaler Gateway	11 Jul 202415:05	–	ncsc

[
  {
    "defaultStatus": "unaffected",
    "product": "Windows Virtual Delivery Agent",
    "vendor": "Citrix",
    "versions": [
      {
        "lessThan": "0",
        "status": "affected",
        "version": "2402",
        "versionType": "patch"
      },
      {
        "lessThan": "CU9",
        "status": "affected",
        "version": "1912 LTSR",
        "versionType": "patch"
      },
      {
        "lessThan": "CU5",
        "status": "affected",
        "version": "2203 LTSR",
        "versionType": "patch"
      }
    ]
  }
]

Source	Link
support	www.support.citrix.com/article/CTX678035

10 Jul 2024 20:21Current

CVSS 48.5

EPSS0.0016