cvelistv5 - cve-2024-7890

CVE-2024-7890 (GCVE-0-2024-7890)

Vulnerability from cvelistv5 – Published: 2024-09-11 22:32 – Updated: 2024-09-13 17:30

Summary

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

Severity ?

5.4 (Medium)


                        
                          CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-269 - Improper Privilege Management

Assigner

Citrix

References

URL

Tags

https://support.citrix.com/s/article/CTX691485-ci…

Impacted products

	Vendor	Product	Version
	Citrix	Citrix Workspace app for Windows	Affected: Current Release (CR) 0 , < 2405 (patch) Affected: Long Term Service Release (LTSR) 0 , < 2402 LTSR CU1 (patch)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:citrix:workspace_app:*:*:*:*:*:windows:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "workspace_app",
            "vendor": "citrix",
            "versions": [
              {
                "lessThan": "2405",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:citrix:workspace_app:*:*:*:*:ltsr:windows:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "workspace_app",
            "vendor": "citrix",
            "versions": [
              {
                "lessThan": "2402_cu1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7890",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-12T03:55:28.595311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T17:30:03.503Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Citrix Workspace app for Windows",
          "vendor": "Citrix",
          "versions": [
            {
              "lessThan": "2405",
              "status": "affected",
              "version": "Current Release (CR) 0",
              "versionType": "patch"
            },
            {
              "lessThan": "2402 LTSR CU1",
              "status": "affected",
              "version": "Long Term Service Release (LTSR) 0",
              "versionType": "patch"
            }
          ]
        }
      ],
      "datePublic": "2024-09-10T22:28:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eLocal privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T22:32:17.479Z",
        "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "shortName": "Citrix"
      },
      "references": [
        {
          "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Local privilege escalation allows a low-privileged user to gain SYSTEM privileges",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
    "assignerShortName": "Citrix",
    "cveId": "CVE-2024-7890",
    "datePublished": "2024-09-11T22:32:17.479Z",
    "dateReserved": "2024-08-16T16:50:37.055Z",
    "dateUpdated": "2024-09-13T17:30:03.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:*:*:*:*:ltsr:windows:*:*\", \"versionEndExcluding\": \"2203.1\", \"matchCriteriaId\": \"9F223A0E-ACB8-4448-9F53-BEAC3420D3CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"A1A14B8C-1B61-4682-AABE-4732B65E51BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu2:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"B7B2DFE4-4965-46F8-A8E6-28E88EE1E8A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu3:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"8C9D0ACE-55C4-4AB3-AC48-91AF823A8D8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu4:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"0F12A663-578A-43D8-B141-31EC36BC72C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu5:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"9AC216C0-F7A6-4B71-8F3E-76C6ACC71F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix1:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"D7906C9C-9414-42D0-84EF-6447C4E5980F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix2:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"2C6ABB6B-C406-42EC-B46A-E6FF478D7607\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:2402:-:*:*:ltsr:windows:*:*\", \"matchCriteriaId\": \"54058497-4D16-4C1F-8A75-D4C5F8B11FCD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*\", \"versionEndExcluding\": \"2405\", \"matchCriteriaId\": \"E588BF02-9C6F-4D41-8AF4-2DFFB2B06CA4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows\"}, {\"lang\": \"es\", \"value\": \"La escalada de privilegios locales permite que un usuario con pocos privilegios obtenga permisos de SYSTEM en la aplicaci\\u00f3n Citrix Workspace para Windows\"}]",
      "id": "CVE-2024-7890",
      "lastModified": "2024-10-22T14:53:32.763",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"secure@citrix.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"ACTIVE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 5.9}]}",
      "published": "2024-09-11T23:15:10.133",
      "references": "[{\"url\": \"https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US\", \"source\": \"secure@citrix.com\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@citrix.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-7890\",\"sourceIdentifier\":\"secure@citrix.com\",\"published\":\"2024-09-11T23:15:10.133\",\"lastModified\":\"2024-10-22T14:53:32.763\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows\"},{\"lang\":\"es\",\"value\":\"La escalada de privilegios locales permite que un usuario con pocos privilegios obtenga permisos de SYSTEM en la aplicaci\u00f3n Citrix Workspace para Windows\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@citrix.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:*:*:*:*:ltsr:windows:*:*\",\"versionEndExcluding\":\"2203.1\",\"matchCriteriaId\":\"9F223A0E-ACB8-4448-9F53-BEAC3420D3CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"A1A14B8C-1B61-4682-AABE-4732B65E51BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu2:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"B7B2DFE4-4965-46F8-A8E6-28E88EE1E8A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu3:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"8C9D0ACE-55C4-4AB3-AC48-91AF823A8D8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu4:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"0F12A663-578A-43D8-B141-31EC36BC72C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu5:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"9AC216C0-F7A6-4B71-8F3E-76C6ACC71F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix1:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"D7906C9C-9414-42D0-84EF-6447C4E5980F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix2:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"2C6ABB6B-C406-42EC-B46A-E6FF478D7607\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:2402:-:*:*:ltsr:windows:*:*\",\"matchCriteriaId\":\"54058497-4D16-4C1F-8A75-D4C5F8B11FCD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*\",\"versionEndExcluding\":\"2405\",\"matchCriteriaId\":\"E588BF02-9C6F-4D41-8AF4-2DFFB2B06CA4\"}]}]}],\"references\":[{\"url\":\"https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US\",\"source\":\"secure@citrix.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7890\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-12T03:55:28.595311Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:citrix:workspace_app:*:*:*:*:*:windows:*:*\"], \"vendor\": \"citrix\", \"product\": \"workspace_app\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2405\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:citrix:workspace_app:*:*:*:*:ltsr:windows:*:*\"], \"vendor\": \"citrix\", \"product\": \"workspace_app\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2402_cu1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-13T17:18:15.433Z\"}}], \"cna\": {\"title\": \"Local privilege escalation allows a low-privileged user to gain SYSTEM privileges\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.4, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Citrix\", \"product\": \"Citrix Workspace app for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"Current Release (CR) 0\", \"lessThan\": \"2405\", \"versionType\": \"patch\"}, {\"status\": \"affected\", \"version\": \"Long Term Service Release (LTSR) 0\", \"lessThan\": \"2402 LTSR CU1\", \"versionType\": \"patch\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-09-10T22:28:00.000Z\", \"references\": [{\"url\": \"https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(252, 252, 252);\\\"\u003eLocal privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"e437aed5-38e0-4fa3-a98b-cb73e7acaec6\", \"shortName\": \"Citrix\", \"dateUpdated\": \"2024-09-11T22:32:17.479Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-7890\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-13T17:30:03.503Z\", \"dateReserved\": \"2024-08-16T16:50:37.055Z\", \"assignerOrgId\": \"e437aed5-38e0-4fa3-a98b-cb73e7acaec6\", \"datePublished\": \"2024-09-11T22:32:17.479Z\", \"assignerShortName\": \"Citrix\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2024-7890

Vulnerability from fkie_nvd - Published: 2024-09-11 23:15 - Updated: 2024-10-22 14:53

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

References

	URL	Tags
	secure@citrix.com	https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
citrix	workspace	*
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2203.1
citrix	workspace	2402
citrix	workspace	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:workspace:*:*:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "9F223A0E-ACB8-4448-9F53-BEAC3420D3CF",
              "versionEndExcluding": "2203.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "A1A14B8C-1B61-4682-AABE-4732B65E51BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu2:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "B7B2DFE4-4965-46F8-A8E6-28E88EE1E8A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu3:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "8C9D0ACE-55C4-4AB3-AC48-91AF823A8D8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu4:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "0F12A663-578A-43D8-B141-31EC36BC72C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu5:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "9AC216C0-F7A6-4B71-8F3E-76C6ACC71F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix1:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "D7906C9C-9414-42D0-84EF-6447C4E5980F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu6_hotfix2:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "2C6ABB6B-C406-42EC-B46A-E6FF478D7607",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:workspace:2402:-:*:*:ltsr:windows:*:*",
              "matchCriteriaId": "54058497-4D16-4C1F-8A75-D4C5F8B11FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*",
              "matchCriteriaId": "E588BF02-9C6F-4D41-8AF4-2DFFB2B06CA4",
              "versionEndExcluding": "2405",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows"
    },
    {
      "lang": "es",
      "value": "La escalada de privilegios locales permite que un usuario con pocos privilegios obtenga permisos de SYSTEM en la aplicaci\u00f3n Citrix Workspace para Windows"
    }
  ],
  "id": "CVE-2024-7890",
  "lastModified": "2024-10-22T14:53:32.763",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "secure@citrix.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-11T23:15:10.133",
  "references": [
    {
      "source": "secure@citrix.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US"
    }
  ],
  "sourceIdentifier": "secure@citrix.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CERTFR-2024-AVI-0762

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Citrix. Elles permettent à un attaquant de provoquer une élévation de privilèges.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Citrix	Workspace app	Citrix Workspace app versions antérieures à 2405 pour Windows
	Citrix	Workspace app	Citrix Workspace app versions antérieures à 2402 CU1 LTSR pour Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX691485

2024-09-10

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix Workspace app versions ant\u00e9rieures \u00e0 2405 pour Windows",
      "product": {
        "name": "Workspace app",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Workspace app versions ant\u00e9rieures \u00e0 2402 CU1 LTSR pour Windows",
      "product": {
        "name": "Workspace app",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7889"
    },
    {
      "name": "CVE-2024-7890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7890"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0762",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
  "vendor_advisories": [
    {
      "published_at": "2024-09-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691485",
      "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890"
    }
  ]
}

CERTFR-2024-AVI-0762

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Citrix. Elles permettent à un attaquant de provoquer une élévation de privilèges.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Citrix	Workspace app	Citrix Workspace app versions antérieures à 2405 pour Windows
	Citrix	Workspace app	Citrix Workspace app versions antérieures à 2402 CU1 LTSR pour Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX691485

2024-09-10

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix Workspace app versions ant\u00e9rieures \u00e0 2405 pour Windows",
      "product": {
        "name": "Workspace app",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Workspace app versions ant\u00e9rieures \u00e0 2402 CU1 LTSR pour Windows",
      "product": {
        "name": "Workspace app",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-7889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7889"
    },
    {
      "name": "CVE-2024-7890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7890"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0762",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
  "vendor_advisories": [
    {
      "published_at": "2024-09-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691485",
      "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890"
    }
  ]
}

WID-SEC-W-2024-2099

Vulnerability from csaf_certbund - Published: 2024-09-10 22:00 - Updated: 2024-09-10 22:00

Summary

Citrix Systems Workspace App: Mehrere Schwachstellen ermöglichen Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Die Citrix Workspace App ist eine Client Software, die es ermöglicht von zahlreichen Geräten wie Smartphones, Tablets und PCs auf Dokumente, Applikationen und Desktops zuzugreifen.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Citrix Systems Workspace App ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Die Citrix Workspace App ist eine Client Software, die es erm\u00f6glicht von zahlreichen Ger\u00e4ten wie Smartphones, Tablets und PCs auf Dokumente, Applikationen und Desktops zuzugreifen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Citrix Systems Workspace App ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2099 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2099.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2099 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2099"
      },
      {
        "category": "external",
        "summary": "Citrix Security Bulletin CTX691485 vom 2024-09-10",
        "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US"
      }
    ],
    "source_lang": "en-US",
    "title": "Citrix Systems Workspace App: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-09-10T22:00:00.000+00:00",
      "generator": {
        "date": "2024-09-11T08:15:40.410+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.6"
        }
      },
      "id": "WID-SEC-W-2024-2099",
      "initial_release_date": "2024-09-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-09-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2405",
                "product": {
                  "name": "Citrix Systems Workspace App \u003c2405",
                  "product_id": "T037439"
                }
              },
              {
                "category": "product_version",
                "name": "2405",
                "product": {
                  "name": "Citrix Systems Workspace App 2405",
                  "product_id": "T037439-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:workspace_app:2405"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2402 LTSR CU1",
                "product": {
                  "name": "Citrix Systems Workspace App \u003c2402 LTSR CU1",
                  "product_id": "T037440"
                }
              },
              {
                "category": "product_version",
                "name": "2402 LTSR CU1",
                "product": {
                  "name": "Citrix Systems Workspace App 2402 LTSR CU1",
                  "product_id": "T037440-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:workspace_app:2402_ltsr_cu1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Workspace App"
          }
        ],
        "category": "vendor",
        "name": "Citrix Systems"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-7889",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Citrix Systems Workspace App. Diese Fehler existieren wegen einer unsachgem\u00e4\u00dfen Verwaltung von Privilegien und einer unsachgem\u00e4\u00dfen Kontrolle von Ressourcen w\u00e4hrend der Lebensdauer. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Berechtigungen auf SYSTEM zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T037439",
          "T037440"
        ]
      },
      "release_date": "2024-09-10T22:00:00.000+00:00",
      "title": "CVE-2024-7889"
    },
    {
      "cve": "CVE-2024-7890",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Citrix Systems Workspace App. Diese Fehler existieren wegen einer unsachgem\u00e4\u00dfen Verwaltung von Privilegien und einer unsachgem\u00e4\u00dfen Kontrolle von Ressourcen w\u00e4hrend der Lebensdauer. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Berechtigungen auf SYSTEM zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T037439",
          "T037440"
        ]
      },
      "release_date": "2024-09-10T22:00:00.000+00:00",
      "title": "CVE-2024-7890"
    }
  ]
}

GHSA-P7WM-H6Q7-MX95

Vulnerability from github – Published: 2024-09-12 00:31 – Updated: 2024-10-22 18:32

Details

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

Severity ?

7.3 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

5.4 (Medium)


                  
                    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-7890"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-11T23:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows",
  "id": "GHSA-p7wm-h6q7-mx95",
  "modified": "2024-10-22T18:32:04Z",
  "published": "2024-09-12T00:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7890"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

NCSC-2024-0372

Vulnerability from csaf_ncscnl - Published: 2024-09-13 08:42 - Updated: 2024-09-13 08:42

Summary

Kwetsbaarheden verholpen in Citrix Workspace App for Windows

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Citrix heeft kwetsbaarheden verholpen in de Citrix Workspace App for Windows.

Interpretaties

Een lokale kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen en mogelijk code uit te voeren met rechten van SYSTEM.

Oplossingen

Citrix heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-664

Improper Control of a Resource Through its Lifetime

CWE-269

Improper Privilege Management

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Citrix heeft kwetsbaarheden verholpen in de Citrix Workspace App for Windows.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een lokale kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen en mogelijk code uit te voeren met rechten van SYSTEM.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Citrix heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Control of a Resource Through its Lifetime",
        "title": "CWE-664"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5; nvd",
        "url": "https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Citrix Workspace App for Windows",
    "tracking": {
      "current_release_date": "2024-09-13T08:42:05.882665Z",
      "id": "NCSC-2024-0372",
      "initial_release_date": "2024-09-13T08:42:05.882665Z",
      "revision_history": [
        {
          "date": "2024-09-13T08:42:05.882665Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "systems_workspace_app__2402_ltsr_cu1",
            "product": {
              "name": "systems_workspace_app__2402_ltsr_cu1",
              "product_id": "CSAFPID-1639193",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix_systems:systems_workspace_app__2402_ltsr_cu1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "systems_workspace_app__2405",
            "product": {
              "name": "systems_workspace_app__2405",
              "product_id": "CSAFPID-1639192",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix_systems:systems_workspace_app__2405:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "citrix_systems"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-7889",
      "product_status": {
        "known_affected": [
          "CSAFPID-1639192",
          "CSAFPID-1639193"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7889",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7889.json"
        }
      ],
      "title": "CVE-2024-7889"
    },
    {
      "cve": "CVE-2024-7890",
      "product_status": {
        "known_affected": [
          "CSAFPID-1639192",
          "CSAFPID-1639193"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7890",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7890.json"
        }
      ],
      "title": "CVE-2024-7890"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-7890 (GCVE-0-2024-7890)

FKIE_CVE-2024-7890

CERTFR-2024-AVI-0762

Solutions

CERTFR-2024-AVI-0762

Solutions

WID-SEC-W-2024-2099

GHSA-P7WM-H6Q7-MX95

NCSC-2024-0372

Tags

Sightings

Nomenclature