Issue
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could potentially allow a Windows VDA user to escalate their privilege level on that VDA to SYSTEM (CVE-2021-22928).
Mitigating Factors
The vulnerability only applies to VDAs that have either Citrix Profile Management or the Citrix Profile management WMI plug-in installed. Note that in environments where FSLogix is used for profile management, the VDA typically still has Citrix Profile Management and the Citrix Profile Management WMI plug-in installed as these components are necessary to drive some statistics in Director (e.g. logon duration).
Affected Versions
- Citrix Virtual Apps and Desktops 2106 and earlier
- Citrix Virtual Apps and Desktops 1912 LTSR CU3 and earlier
- Citrix Virtual Apps and Desktops 7.15 LTSR CU7 and earlier
Recommended Action
Citrix recommends applying the applicable hotfix to affected VDAs as soon as possible.
- Citrix Virtual Apps and Desktops 2106
- ProfilemgtWX86_2106_001 – https://support.citrix.com/article/CTX319995
- ProfilemgtWX64_2106_001 – https://support.citrix.com/article/CTX319996
- Citrix Virtual Apps and Desktops 1912 LTSR
- ProfilemgtWX64_1912_3001 – https://support.citrix.com/article/CTX319819
- UPMVDAPluginWX64_1912_3001 – https://support.citrix.com/article/CTX319668
- ProfilemgtWX86_1912_3001 – https://support.citrix.com/article/CTX319820
- UPMVDAPluginWX86_1912_3001 – https://support.citrix.com/article/CTX319671
- Citrix XenApp / XenDesktop 7.15 LTSR
- ProfilemgtWX64_7_15_7001 – https://support.citrix.com/article/CTX319817
- UPMVDAPluginWX64_7_15_7001 – https://support.citrix.com/article/CTX319669
- ProfilemgtWX86_7_15_7001 – https://support.citrix.com/article/CTX319818
- UPMVDAPluginWX86_7_15_7001 – https://support.citrix.com/article/CTX319670
More Information
You can read more about the issue here or reach out to our team if you would like professional assistance.