Citrix patches critical vulnerabilities that let attackers execute remote code

published: July 12, 2023

Take action: Citrix systems are exposed on the internet and are very widely used for remote access. It's very wise to plan a patch deployment.



Citrix has issued security advisories and patches for critical and high-severity vulnerabilities in its products, which have the potential to allow threat actors to escalate their privileges.

  • CVE-2023-24491 (CVSS score 7.8) affects Citrix Desktop for Windows versions lower than 23.5.1.3. An attacker who has access to an endpoint with an authenticated Standard user account can exploit this vulnerability to elevate their privileges to NT AUTHORITY\SYSTEM.
  • CVE-2023-24492 (CVSS score 9.8) affects Citrix Secure Access for Ubuntu versions older than 23.5.2. By exploiting this flaw, attackers can remotely execute malicious code on a user's device. To do so, they need to trick the user into clicking on a malicious link and then accepting subsequent prompts.

To address these vulnerabilities and prevent exploitation, Citrix advises users to upgrade to the latest versions of the affected products.
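To plan the rollout, the affected-version thresholds above can be checked against a software inventory. The following is an added example, not Citrix tooling: the product names and fixed versions come from this article, while the CSV column names and host names are constructed assumptions. It compares versions numerically, so that 23.5.10 is not mistaken for older than 23.5.2 and three-part and four-part versions compare correctly.

```python
import csv
import io

# Fixed versions as stated in the article, keyed by the product names it uses.
FIXED = {
    "Citrix Desktop for Windows": ("CVE-2023-24491", "23.5.1.3"),
    "Citrix Secure Access for Ubuntu": ("CVE-2023-24492", "23.5.2"),
}

def parse_version(text):
    """Turn '23.5.1.3' into (23, 5, 1, 3); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in text.strip().split("."))

def is_vulnerable(installed, fixed):
    """True when installed < fixed, compared numerically with zero padding."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b

def triage(inventory_csv):
    """Return (host, cve, installed, status) for every product listed in FIXED."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        entry = FIXED.get(row["product"])
        if entry is None:
            continue  # product not covered by these advisories
        cve, fixed = entry
        try:
            status = "vulnerable" if is_vulnerable(row["version"], fixed) else "patched"
        except ValueError:
            status = "unknown-version"  # unparseable string: needs a manual check
        findings.append((row["host"], cve, row["version"], status))
    return findings

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,product,version
wks-01,Citrix Desktop for Windows,23.5.1.3
wks-02,Citrix Desktop for Windows,23.5.1
lnx-01,Citrix Secure Access for Ubuntu,23.5.2
lnx-02,Citrix Secure Access for Ubuntu,23.5.10
lnx-03,Citrix Secure Access for Ubuntu,22.12.1
lnx-04,Citrix Secure Access for Ubuntu,unknown
"""

if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```

Rows reported as `unknown-version` should be treated as unpatched until the installed version is confirmed.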

Citrix Secure Clients are widely used by organizations globally to enable remote system access for employees, and previous vulnerabilities have been actively exploited in the wild.
