Citrix Workspace app for Windows Security Bulletin CVE-2024-6286
Issue
A vulnerability has been discovered that impacts the Citrix Workspace app for Windows. Refer to below for further details:
Affected Versions
The vulnerability affects the following supported versions of the Citrix Workspace app for Windows
Current Release (CR)
- Citrix Workspace app for Windows versions before 2403.1
Long Term Service Release (LTSR)
- Citrix Workspace app for Windows versions before 2402 LTSR
Summary
Citrix Workspace app for Windows contains the vulnerability mentioned below
CVD-ID | Description | Pre-Requisites | CWE | CVSS |
CVE-2024-6286 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges | Local access to the target system | CWE-269: Improper Privilege Management | CVSS v4.0 Base Score: 8.5 |
Recommended Action
Citrix strongly recommends that customers upgrade their Citrix Workspace app for Windows to versions that contain the fixes as soon as possible.
Citrix Workspace app for Windows versions that contain the fixes are:
Current Release (CR)
- Citrix Workspace app for Windows 2403.1 and later versions
Long Term Service Release (LTSR)
- Citrix Workspace app for Windows 2402 LTSR and later versions
More Information
For assistance from the Kraft Kennedy team, pleaseĀ contact us.