Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
CitrixWorkspace

14 matches found

CVE
CVEadded 2024/07/10 8:25 p.m.7745 views

CVE-2024-6286

CVE-2024-6286 affects Citrix Workspace app for Windows. The vulnerability is a Local Privilege Escalation allowing a low-privileged user to gain SYSTEM privileges. Affected versions are Citrix Workspace app for Windows before 2403.1 (Current Release) and before 2402 LTSR (Long Term Service Releas...

8.5CVSS7.4AI score0.00153EPSS
CVE
CVEadded 2023/07/10 8:36 p.m.1907 views

CVE-2023-24486

Citrix Workspace app for Linux is affected by a session takeover vulnerability (CVE-2023-24486) due to improper access control. An authenticated local user could gain access to another user’s Citrix Virtual Apps and Desktops session on the same machine when launching published desktops/applicatio...

5.5CVSS5.5AI score0.00082EPSS
CVE
CVEadded 2019/05/22 4:46 p.m.1088 views

CVE-2019-11634

CVE-2019-11634 affects Citrix Workspace app and Receiver for Windows. Affected versions before 1904 are vulnerable to remote code execution due to Incorrect Access Control where local drive access preferences may not be enforced, enabling an unauthenticated remote attacker to execute arbitrary co...

9.8CVSS9.4AI score0.3078EPSS
In wild
CVE
CVEadded 2021/05/27 11:14 a.m.985 views

CVE-2021-22907

CVE-2021-22907 is a local privilege escalation vulnerability in Citrix Workspace App for Windows caused by improper access control. The issue affects Citrix Workspace App on Windows in versions prior to 2105 and the 1912 LTSR branch prior to CU4. A local user with admin privileges could escalate ...

7.8CVSS7.7AI score0.00127EPSS
CVE
CVEadded 2023/02/16 12:0 a.m.302 views

CVE-2023-24485

Citrix Workspace App for Windows vulnerabilities CVE-2023-24484 and CVE-2023-24485 allow a local user to escalate to SYSTEM during installation/uninstallation of vulnerable versions. AFFECTED SOFTWARE: Citrix Workspace App for Windows (pre-2212; 2203 LTSR before CU2; 1912 LTSR before CU7 Hotfix 2...

7.8CVSS7.7AI score0.00142EPSS
CVE
CVEadded 2020/07/24 9:24 p.m.154 views

CVE-2020-8207

CVE-2020-8207 concerns Citrix Workspace app for Windows (1912 CU1 and 2006.1) where an improper access control in the Citrix Workspace Updater Service allows privilege escalation and code execution when the automatic updater is running. The vulnerability stems from the UpdateFilePath/UpdateFileHa...

8.8CVSS9AI score0.00726EPSS
CVE
CVEadded 2023/02/16 12:0 a.m.134 views

CVE-2023-24484

CVE-2023-24484 concerns Citrix Workspace App for Windows. A local attacker can cause log files to be written to a directory they are not authorized to write to, under conditions where vulnerable software is installed or uninstalled by a SYSTEM/Administrator process. Affected versions include Citr...

5.5CVSS5.6AI score0.00116EPSS
CVE
CVEadded 2022/02/09 10:5 p.m.85 views

CVE-2022-21825

CVE-2022-21825 affects Citrix Workspace App for Linux 2012–2111 when App Protection is installed. The issue is described as an improper access control vulnerability that enables local privilege escalation by a local user. The vulnerability is specifically tied to App Protection; Citrix’s advisory...

7.8CVSS7.4AI score0.00041EPSS
CVE
CVEadded 2024/09/11 10:16 p.m.75 views

CVE-2024-7889

CVE-2024-7889 affects Citrix Workspace App for Windows. It enables local privilege escalation by a low-privileged user to SYSTEM, attributed to improper privilege management/resource lifetime handling. The issue is part of multiple local elevation vulnerabilities in Citrix Workspace App for Windo...

7.3CVSS7.5AI score0.00131EPSS
CVE
CVEadded 2024/07/10 8:40 p.m.70 views

CVE-2024-6148

CVE-2024-6148 affects Citrix Workspace app for HTML5 prior to version 2404.1. The Citrix CTX678037 security bulletin documents two vulnerabilities: (1) bypass of GACS Policy Configuration settings, and (2) redirection of users to a vulnerable URL (CVE-2024-6149). The issue originates in the HTML5...

8.8CVSS7AI score0.00089EPSS
CVE
CVEadded 2024/09/11 10:32 p.m.66 views

CVE-2024-7890

CVE-2024-7890 affects Citrix Workspace App for Windows, enabling local privilege escalation for a low-privileged user to gain SYSTEM privileges. The CVE entry notes a local, low-complexity path requiring user interaction, with high impact on confidentiality, integrity and availability. Related ad...

7.3CVSS7.5AI score0.00122EPSS
CVE
CVEadded 2024/07/10 8:42 p.m.65 views

CVE-2024-6149

CVE-2024-6149 affects the Citrix Workspace app for HTML5. According to Citrix CTX678037, versions before 2404.1 are vulnerable to an untrusted URL redirection when the HTML5 session is launched, with the issue described as “Redirection of users to a vulnerable URL.” The vulnerability requires an ...

6.1CVSS6.9AI score0.00433EPSS
CVE
CVEadded 2024/09/10 2:55 p.m.59 views

CVE-2024-42423

The CVE-2024-42423 entry concerns Citrix Workspace App 23.9.0.24.4 on Dell ThinOS 2311 with an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local, unauthenticated user with low privileges could bypass controls, potentially leading to information disclosure and ...

7.1CVSS6.2AI score0.00027EPSS
CVE
CVEadded 2025/06/17 1:2 p.m.48 views

CVE-2025-4879

CVE-2025-4879 affects Citrix Workspace app for Windows. The issue is a local privilege escalation where a low-privileged user can gain SYSTEM privileges due to improper privilege management exposed by the Citrix advisory CTX694718. Affected versions are Citrix Workspace app for Windows before spe...

7.8CVSS7.1AI score0.00068EPSS