CVE-2024-7889Improper Control of a Resource Through its Lifetime in Citrix Workspace APP FOR Windows

CWE-664Improper Control of a Resource Through its LifetimeCWE-269Improper Privilege Management3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.1%
top 67.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Citrix Workspace APP FOR WindowsCitrix WorkspaceCitrix Workspace APP+1 more
Timeline
PublishedSep 11
Latest updateSep 12

Description

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages5 packages

CVEListV5citrix/citrix_workspace_app_for_windowsCurrent Release (CR)2405+1
NVDcitrix/workspace< 2203.1+3

🔴Vulnerability Details

1
GHSA
GHSA-rvhr-9pp2-823m: Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows2024-09-12

📋Vendor Advisories

1
Citrix
Citrix Workspace app for Windows Security Bulletin CVE-2024-7889 and CVE-2024-78902024-09-10