Lucene search
K

Citrix Secure Access < 25.5.1.15 Privilege Escalation (CTX694724)

🗓️ 27 Jun 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 22 Views

Citrix Secure Access prior to 25.5.1.15 has a privilege escalation vulnerability for low-privileged users.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(240757);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/07/08");

  script_cve_id("CVE-2025-0320");
  script_xref(name:"IAVB", value:"2025-A-0448");
  

  script_name(english:"Citrix Secure Access < 25.5.1.15 Privilege Escalation (CTX694724)");

  script_set_attribute(attribute:"synopsis", value:
"Citrix Secure Access formerly known as Citrix Gateway Plug-in for Windows installed on the remote Windows 
host is affected by a privilege escalation vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Citrix Secure Access installed on the remote host is prior to 25.5.1.15. 
It is, therefore, affected by a privilege escalation vulnerability which allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for windows.

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's
self-reported version number.");
  # https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724&articleURL=Citrix_Secure_Access_Client_for_Windows_Security_Bulletin_for_CVE_2025_0320
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5caf26b8");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Citrix Secure Access Client for Windows version 25.5.1.15, or later.");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-0320");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/06/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/06/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/06/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:citrix:secure_access");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("citrix_gateway_plug-in_detect.nbin");
  script_require_ports("installed_sw/Citrix Gateway Plug-in", "installed_sw/Citrix Secure Access", "SMB/Registry/Enumerated");

  exit(0);
}


include('vdf.inc');

# @tvdl-content
var vuln_data = {
  'metadata': {'spec_version': '1.0'},
  'requires': [
    {'scope': 'target', 'match': {'os': 'windows'}}
  ],
  'checks': [
    {
      'product': {'name': 'Citrix Secure Access', 'type': 'app'},
      'check_algorithm': 'default',
      'constraints' : [
        {'fixed_version': '25.5.1.15'}
      ]
    }
  ]
};

var vdf_result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:vdf_result);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Jul 2025 00:00Current
5.6Medium risk
Vulners AI Score5.6
CVSS 3.17.8
CVSS 48.6
EPSS0.00129
SSVC
22