Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops

Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products.

The addressed security problems are categorized as high-severity and could enable attackers with local access to the target to elevate their privileges and take control of the affected system.

Citrix products are widely used by organizations worldwide, so it’s critical to apply the available security updates to prevent intruders from having an easy way to escalate their privileges on breached systems.

Privilege escalation is a key stage in a broad range of cyberattacks, including cyber espionage and ransomware, as threat actors need to gain higher privileges to stealthily exfiltrate data, disable security software, or spread to other systems for ransomware attacks.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has published an alert about applying Citrix’s security updates as soon as possible.

The vulnerabilities addressed by Citrix yesterday are:

  • CVE-2023-24483: Improper privilege management flaw leading to privilege escalation to NT AUTHORITY\SYSTEM. Impacts Citrix Virtual Apps and Desktops before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.
  • CVE-2023-24484: Improper access control flaw allowing log files to be written to a directory that should be out of reach for regular users. Impacts Citrix Workspace App for Windows before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.
  • CVE-2023-24485: Improper access control flaw leading to privilege escalation. Impacts Citrix Workspace App for Windows before 2212, 2203 LTSR before CU2, and 1912 LTSR before CU6.
  • CVE-2023-24486: Improper access control flaw leading to session takeover. Impacts Citrix Workspace App for Linux before 2302.

CVE-2023-24483 is the most severe of the flaws addressed this time. NT AUTHORITY\SYSTEM is the highest level of access privileges on Windows, and a user gaining that privilege can execute arbitrary code, access sensitive information, and modify system configurations without restrictions.

If the breached system is part of a network, gaining NT AUTHORITY\SYSTEM access would enable the attacker to move laterally within the network and pivot to adjacent systems as well.

The recommended upgrade targets that address the above flaws are the following:

  • Citrix Virtual Apps and Desktops 2212 and later versions
  • Citrix Virtual Apps and Desktops 2203 LTSR CU2 and later cumulative updates
  • Citrix Virtual Apps and Desktops 1912 LTSR CU6 and later cumulative updates
  • Citrix Workspace App 2212 and later
  • Citrix Workspace App 2203 LTSR CU2 and later cumulative updates
  • Citrix Workspace App 1912 LTSR CU7 Hotfix 2 (19.12.7002) and later cumulative updates
  • Citrix Workspace app for Linux 2302 and later

“Citrix strongly recommends that customers upgrade to a fixed version as soon as possible,” warns the software vendor’s security bulletin.

Currently, no mitigation advice or workarounds are available for the discovered security issues, so updating the impacted products is the only recommended approach to address the risks.

(c) Bill Toulas
