Date: 2023-02-17

Citrix Systems published multiple security advisories, announcing the release of a security update that addresses vulnerabilities.

CISA also urged users to update their Citrix Workspace Apps, Virtual Apps, and Desktops as soon as possible.

The vulnerabilities are tracked as CVE-2023-24486, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24483 and can cause system takeover.

Citrix Systems published a security advisory, urging users to apply the patch as soon as possible. The update addresses four high-severity vulnerabilities affecting the Virtual Apps and Desktops and Workspace App products. The vulnerabilities can cause privilege escalation and complete session takeovers.

CISA warned

CISA also published a post and urged organizations to update the impacted products as soon as possible. The vulnerabilities, CVE-2023-24486, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24483, affect:

Citrix Virtual Apps and Desktops versions before 2212

Citrix Virtual Apps and Desktops 2203 LTSR before CU2

Citrix Virtual Apps and Desktops 1912 LTSR before CU6

Citrix Workspace App versions before 2212

Citrix Workspace App 2203 LTSR before CU2

Citrix Workspace App 1912 LTSR before CU7 Hotfix 2 (19.12.7002)

Citrix Workspace app for Linux before 2302

The vulnerabilities are identified as:

CVE-2023-24483: Improper Privilege Management

Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA: A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.

CVE-2023-24484: Improper Access Control

A malicious user can cause log files to be written to a directory that they do not have permission to write to: Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

CVE-2023-24485: Improper Access Control

Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows: Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

CVE-2023-24486: Improper Access Control

Session takeover: A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.

Citrix urged customers to upgrade to a fixed version as soon as possible. There are currently no known workarounds for the vulnerabilities, so updating the affected products is the only way for organizations to protect their systems.