CVE Vulnerability

CVE-2023-24485

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485 Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:citrix:workspace:1912:-:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu1:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu2:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu3:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu4:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu5:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu6:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:1912:cu1-hf1:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*
cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*
cpe:2.3:a:citrix:workspace:2203.1:-:*:*:ltsr:windows:*:*
Information

Published : 2023-02-16 06:15

Updated : 2023-02-24 06:32

NVD link : CVE-2023-24485

Mitre link : CVE-2023-24485

Products Affected
No products.
CWE
No CWE.