Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows.
These vulnerabilities, identified as CVE-2024-7889 and CVE-2024-7890, pose significant security risks. They allow local privilege escalation that could enable attackers to gain SYSTEM-level access.
The severity of these vulnerabilities has been classified as high, prompting urgent attention from organizations using affected software versions.
The vulnerabilities affect specific versions of the Citrix Workspace app for Windows. Current Release (CR) users should note that versions before 2405 are vulnerable.
Similarly, for those using the Long Term Service Release (LTSR), versions before 2402 LTSR CU1 are at risk. Users must verify their software version and apply necessary updates to mitigate potential threats.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
Table: Affected Versions
| Release Type | Vulnerable Versions |
| Current Release (CR) | Before 2405 |
| Long Term Service Release (LTSR) | Before 2402 LTSR CU1 |
CVE-2024-7889 is a local privilege escalation vulnerability that allows a low-privileged user to gain SYSTEM privileges on the affected system.
The vulnerability arises from CWE-664, which involves improper resource control throughout its lifetime.
This flaw has a CVSS v4.0 Base Score of 7.0, indicating a high level of risk. The attack requires local access to the target system, but it could lead to significant security breaches once exploited.
CVE-2024-7890, another local privilege escalation vulnerability, also enables a low-privileged user to gain SYSTEM privileges.
This issue stems from CWE-269, which pertains to improper privilege management.
With a CVSS v4.0 Base Score of 5.4, this vulnerability is slightly less severe than CVE-2024-7889 but still poses a substantial threat. Similar to the previous vulnerability, local access to the system is required for exploitation.
Citrix has acknowledged the severity of these vulnerabilities and is urging users to update their Citrix Workspace app for Windows to the latest versions.
The company has provided patches that address these security issues, and organizations must implement these updates promptly to protect their systems from potential attacks.
The discovery of these vulnerabilities in the Citrix Workspace app for Windows underscores the importance of maintaining robust cybersecurity measures.
Organizations must act swiftly to apply the recommended patches and safeguard their systems against potential privilege escalation attacks.
By staying informed and proactive, businesses can mitigate risks and protect their critical assets from cyber threats.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…
Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…