Lucene search
+L

8 matches found

Rapid7 Blog
Rapid7 Blog
added 2025/07/14 2:7 p.m.6 views

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Overview During a Virtual Desktop Infrastructure VDI breakout assessment, Rapid7 identified a Local Privilege Escalation LPE vulnerability affecting Citrix Virtual Apps and Desktops. This issue was assigned CVE-2025-6759 and has a CVSS score of 7.3 High. Rapid7 observed a SYSTEM process handle wi...

7.8CVSS6.3AI score0.00242EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.9 views

Citrix Virtual Apps and Desktops Privilege Escalation (CTX694820)

The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is prior to 2503, or prior to 2402 LTSR CU1 Update 1, or prior to 2402 LTSR CU2 Update 2. It is, therefore, affected by a privilege escalation vulnerability. By exploiting this vulnerability, a local,...

7.8CVSS5.8AI score0.00242EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/10 10:13 p.m.5 views

CVE-2025-6759

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...

7.8CVSS7.7AI score0.00242EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 10:15 p.m.7 views

CVE-2025-6759

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...

7.8CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/08 9:41 p.m.5 views

CVE-2025-6759 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...

7.3CVSS7.6AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 9:41 p.m.12 views

CVE-2025-6759 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...

7.3CVSS0.00242EPSS
Exploits0References1
CVE
CVE
added 2025/07/08 9:41 p.m.41 views

CVE-2025-6759

CVE-2025-6759 affects Citrix Virtual Apps and Desktops — specifically the Windows Virtual Delivery Agent (VDA) used by CVAD and Citrix DaaS. The root cause is an open process handle with full access leaking from SYSTEM-owned GfxMgr.exe into a less-privileged processCtxGfx.exe, allowing a low-priv...

7.8CVSS7AI score0.00242EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/07/08 1:53 p.m.10 views

CVE-2025-6759

creationtimestamp| type| source ---|---|--- 2025-07-08 13:53:29+00:00| seen| https://bsky.app/profile/rapid7.com/post/3lthh6jaj222x 2025-07-08 22:03:31+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114819872243162699 2025-07-09 00:35:31+00:00| seen|...

7.8CVSS4.8AI score0.00242EPSS
Exploits0References8
Rows per page
Query Builder