Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.10 views

CVE-2020-8207

Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running...

8.8CVSS7.7AI score0.02062EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/09/22 5:20 p.m.730 views

Known Citrix Workspace Bug Open to New Attack Vector

A Citrix Workspace vulnerability that was fixed in July has been found to have a secondary attack vector, which would allow cybercriminals to elevate privileges and remotely execute arbitrary commands under the SYSTEM account. The bug CVE-2020-8207, exists in the automatic update service of the...

6CVSS1.9AI score0.26869EPSS
Exploits0References6
CVE
CVE
added 2020/07/24 9:24 p.m.163 views

CVE-2020-8207

CVE-2020-8207 concerns Citrix Workspace app for Windows (1912 CU1 and 2006.1) where an improper access control in the Citrix Workspace Updater Service allows privilege escalation and code execution when the automatic updater is running. The vulnerability stems from the UpdateFilePath/UpdateFileHa...

8.8CVSS9AI score0.02062EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/24 9:24 p.m.24 views

CVE-2020-8207

Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running...

9.2AI score0.02062EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/07/21 3:27 p.m.150 views

Raining SYSTEM Shells with Citrix Workspace app

TL;DR Citrix Workspace is vulnerable to a remote command execution attack running under the context of the SYSTEM account. By sending a crafted message over a named pipe and spoofing the client process ID, the Citrix Workspace Updater Service can be tricked into executing an arbitrary process und...

7.2CVSS8.1AI score0.02062EPSS
Exploits2
Rows per page
Query Builder