• Insights

Citrix Workspace app for Windows Security Bulletin CVE-2024-6286

Jeff Silverman

< 1 min read

All Insights

Citrix Workspace app for Windows Security Bulletin CVE-2024-6286

Issue

A vulnerability has been discovered that impacts the Citrix Workspace app for Windows. Refer to below for further details:

Affected Versions

The vulnerability affects the following supported versions of the Citrix Workspace app for Windows

Current Release (CR)

  • Citrix Workspace app for Windows versions before 2403.1

Long Term Service Release (LTSR)

  • Citrix Workspace app for Windows versions before 2402 LTSR
Summary

Citrix Workspace app for Windows contains the vulnerability mentioned below

CVD-ID Description Pre-Requisites CWE CVSS
CVE-2024-6286 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges Local access to the target system CWE-269: Improper Privilege Management CVSS v4.0 Base Score: 8.5
Recommended Action

Citrix strongly recommends that customers upgrade their Citrix Workspace app for Windows to versions that contain the fixes as soon as possible.

Citrix Workspace app for Windows versions that contain the fixes are:

Current Release (CR)

  • Citrix Workspace app for Windows 2403.1 and later versions

Long Term Service Release (LTSR)

  • Citrix Workspace app for Windows 2402 LTSR and later versions
More Information

https://support.citrix.com/article/CTX678036/citrix-workspace-app-for-windows-security-bulletin-cve20246286

For assistance from the Kraft Kennedy team, pleaseĀ contact us.