CVE-2025-4879Improper Privilege Management in Citrix Workspace APP FOR Windows

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.3HIGHNVD
EPSS
0.1%
top 79.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Citrix Workspace APP FOR WindowsCitrix Workspace
Timeline
PublishedJun 17
Latest updateAug 11

Description

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5citrix/workspace_app_for_windowsCR2409+2
NVDcitrix/workspace< 2402+2

🔴Vulnerability Details

1
GHSA
GHSA-rj6g-gj4c-2vf5: Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows2025-06-17

💥Exploits & PoCs

1
Exploit-DB
ServiceNow Multiple Versions - Input Validation & Template Injection2025-08-11