CVE-2023-24485 - OpenCVE

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Citrix	Workspace

Configuration 1 [-]

OR	cpe:2.3:a:citrix:workspace:::::-:windows::
	cpe:2.3:a:citrix:workspace:1912:-:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu1:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu1-hf1:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu2:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu3:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu4:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu5:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:1912:cu6:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:2203.1:-:::ltsr:windows::
	cpe:2.3:a:citrix:workspace:2203.1:cu1:::ltsr:windows::

No data.

References

Link	Providers
https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485

History

No history.

MITRE

Status: PUBLISHED

Assigner: Citrix

Published: 2023-02-16T00:00:00

Updated: 2024-08-02T10:56:04.241Z

Reserved: 2023-01-24T00:00:00

Link: CVE-2023-24485

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-02-16T18:15:12.133

Modified: 2023-02-24T18:32:53.893

Link: CVE-2023-24485

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-24485", "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "assignerShortName": "Citrix", "dateUpdated": "2024-08-02T10:56:04.241Z", "dateReserved": "2023-01-24T00:00:00", "datePublished": "2023-02-16T00:00:00"}, "containers": {"cna": {"title": "Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows", "datePublic": "2023-02-15T00:00:00", "providerMetadata": {"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", "shortName": "Citrix", "dateUpdated": "2023-02-16T00:00:00"}, "descriptions": [{"lang": "en", "value": "Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app."}], "affected": [{"vendor": "Citrix", "product": "Citrix Workspace App for Windows", "versions": [{"version": "Citrix Workspace App versions", "status": "affected", "lessThan": "2212", "versionType": "custom", "changes": [{"at": "2203 LTSR before CU2 ", "status": "unaffected"}, {"at": "1912 LTSR before CU7 Hotfix 2 (19.12.7002) ", "status": "unaffected"}]}]}], "references": [{"url": "https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-284 Improper Access Control", "cweId": "CWE-284"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "value": "These vulnerabilities are only exposed by a Windows Administrator or SYSTEM process (e.g. SCCM) performing the installation or uninstallation of a vulnerable version of Citrix Workspace App. Customers will only be affected by these vulnerabilities if they perform these actions using a vulnerable version of Citrix Workspace app for Windows."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:56:04.241Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*", "matchCriteriaId": "BF677539-1D84-4A05-A8AF-09723A3909D5", "versionEndExcluding": "2212", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:-:*:*:ltsr:windows:*:*", "matchCriteriaId": "554F6592-C252-4B1D-ABEF-C4EE7EACF061", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu1:*:*:ltsr:windows:*:*", "matchCriteriaId": "3C032E97-4C37-4FE9-BD0E-3AC933489A5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu1-hf1:*:*:ltsr:windows:*:*", "matchCriteriaId": "AECFCE88-901F-4025-AF58-BC7A9207CF97", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu2:*:*:ltsr:windows:*:*", "matchCriteriaId": "179CEA0E-92D8-41A8-A2E2-B6808A2CAA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu3:*:*:ltsr:windows:*:*", "matchCriteriaId": "998E9AAF-E239-4861-8377-B62330FAB903", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu4:*:*:ltsr:windows:*:*", "matchCriteriaId": "37D106D3-119F-4194-8F16-C3317248A4D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu5:*:*:ltsr:windows:*:*", "matchCriteriaId": "3078BBCA-DC94-4B7A-8B74-C012DB4A98A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:1912:cu6:*:*:ltsr:windows:*:*", "matchCriteriaId": "D826A570-C5C3-4E67-BABE-E1999C2AB60B", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:2203.1:-:*:*:ltsr:windows:*:*", "matchCriteriaId": "FEB0B74B-89A7-4194-8881-F35FEAE672BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*", "matchCriteriaId": "A1A14B8C-1B61-4682-AABE-4732B65E51BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app."}], "id": "CVE-2023-24485", "lastModified": "2023-02-24T18:32:53.893", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-16T18:15:12.133", "references": [{"source": "secure@citrix.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485"}], "sourceIdentifier": "secure@citrix.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "secure@citrix.com", "type": "Secondary"}]}