⚠ Actively exploited in ransomware campaigns

This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-05-03.

CVE-2019-11634 — Improper Access Control in Citrix Workspace

CWE-284 — Improper Access Control9 documents6 sources

Severity

9.8CRITICALNVD

EPSS

30.8%

top 3.26%

CISA KEV

KEVRansomware

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Citrix Workspace Citrix Receiver Citrix Workspace +2 more

Timeline

PublishedMay 22

KEV addedNov 3

KEV dueMay 3

Latest updateMay 24

CISA Required Action: Apply updates per vendor instructions.

Description

Citrix Workspace App before 1904 for Windows has Incorrect Access Control.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

▶NVDcitrix/workspace< 1904

▶citrixcitrix/workspace

▶citrixcitrix/citrix_workspace

▶citrixcitrix/citrix_workspace_app

▶NVDcitrix/receiver4.9

🔴Vulnerability Details

GHSA

GHSA-cqg8-w8fp-8gm6: Citrix Workspace App before 1904 for Windows has Incorrect Access Control↗2022-05-24

▶

VulnCheck

Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability↗2019

▶

📋Vendor Advisories

CISA

Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability↗2021-11-03

▶

Citrix

CVE-2019-11634: Citrix Workspace App before 1904 for Windows has Incorrect Access Control.↗2019-05-22

▶

Citrix

CVE-2019-11634 - Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows↗

▶

Citrix

CVE-2019-11634 - Improper Access Control Vulnerability in AppDNA↗

▶

🕵️Threat Intelligence

Qualys

Nefilim Ransomware↗2021-05-12

▶

Qualys

Nefilim Ransomware: Tactics, Impact, and Mitigation Strategies | Qualys↗2021-05-12

▶