6 matches found
CVE-2024-3661
CVE-2024-3661 – Summary : DHCP can inject routes via option 121 in the classless static route option, enabling an attacker on the same LAN to cause VPN traffic to leak onto the physical interface. This affects NetworkManager-based VPN setups where routes aren’t strictly bound to VPN interfaces. I...
CVE-2025-0320
CVE-2025-0320 affects Citrix Secure Access Client for Windows. A local privilege escalation allows a low-privileged user to gain SYSTEM privileges, due to the vulnerability described in Citrix/CTX694724 and corroborated by multiple feeds. The affected versions are prior to 25.5.1.15; Citrix recom...
CVE-2023-24491
The CVE-2023-24491 vulnerability affects the Citrix Secure Access client for Windows (versions before 23.5.1.3). It enables a local Privilege Escalation from a Standard User to NT AUTHORITY\SYSTEM when the vulnerable client is present on the endpoint. Citrix’ security bulletin (CTX561480) indicat...
CVE-2023-24492
The CVE-2023-24492 issue affects the Citrix Secure Access client for Ubuntu. A remote attacker can achieve code execution if a vulnerable user opens an attacker-crafted link and accepts subsequent prompts. Affected versions are prior to 23.5.2; mitigation is to update to 23.5.2 or later as indica...
CVE-2025-1222
CVE-2025-1222 affects Citrix Secure Access Client for Mac. The issue allows local attacker privilege elevation to perform limited modifications and read arbitrary data. Affected versions are Citrix Secure Access Client for Mac before 25.01.2. Citrix advises updating to 25.01.2 and later to remedi...
CVE-2025-1223
CVE-2025-1223 affects Citrix Secure Access Client for Mac. The Citrix bulletin and related feeds indicate local-privilege escalation where an attacker can gain application privileges to modify or read data. Affected versions are Citrix Secure Access Client for Mac before 25.01.2. Recommended reme...