Citrix Workspace app for Windows Security Bulletin for CVE-2023-24484 & CVE-2023-24485

Article ID: CTX477617
Description

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

These vulnerabilities have the following identifiers:

CVE-2023-24484
  Description: A malicious user can cause log files to be written to a directory that they do not have permission to write to.
  Vulnerability Type: CWE-284: Improper Access Control
  Pre-conditions: Local user access to a system where a vulnerable version of Citrix Workspace App for Windows is later installed or uninstalled by a SYSTEM process (e.g. SCCM).

CVE-2023-24485
  Description: Privilege escalation on the system running a vulnerable version of Citrix Workspace app for Windows.
  Vulnerability Type: CWE-284: Improper Access Control
  Pre-conditions: Local user access to a system at the time a vulnerable version of Citrix Workspace App for Windows is being installed or uninstalled by an Administrator or SYSTEM process (e.g. SCCM).

These vulnerabilities affect the following supported versions of Citrix Workspace App for Windows:

  • Citrix Workspace App versions before 2212 
  • Citrix Workspace App 2203 LTSR before CU2
  • Citrix Workspace App 1912 LTSR before CU7 Hotfix 2 (19.12.7002) 

Mitigating Factors

Customers who use the automatic update feature of Citrix Workspace app for Windows will automatically receive updates and may therefore already be protected against these issues. 

Additionally, these vulnerabilities are only exposed by a Windows Administrator or SYSTEM process (e.g. SCCM) performing the installation or uninstallation of a vulnerable version of Citrix Workspace App. Customers will only be affected by these vulnerabilities if they perform these actions using a vulnerable version of Citrix Workspace app for Windows.


Instructions

The issue has been addressed in the following versions of Citrix Workspace app for Windows:  

  • Citrix Workspace App 2212 and later 
  • Citrix Workspace App 2203 LTSR CU2 and later cumulative updates
  • Citrix Workspace App 1912 LTSR CU7 Hotfix 2 (19.12.7002) and later cumulative updates 
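To triage an endpoint inventory against the affected and fixed versions listed above, here is an added Python helper; it is not Citrix code, and the hostnames and inventory in it are constructed. The thresholds (2212, 2203 LTSR CU2, 1912 LTSR CU7 Hotfix 2) are the ones in this bulletin; an LTSR line the bulletin does not list is reported as unknown rather than guessed.

```python
from __future__ import annotations
from dataclasses import dataclass

# Thresholds copied from this bulletin: the first fixed build on each line.
CR_FIXED_RELEASE = 2212          # Current Release: 2212 and later are fixed
LTSR_FIXED = {
    2203: (2, 0),                # 2203 LTSR: CU2 and later
    1912: (7, 2),                # 1912 LTSR: CU7 Hotfix 2 (19.12.7002) and later
}

@dataclass(frozen=True)
class WorkspaceVersion:
    release: int        # YYMM release number, e.g. 2212, 2203, 1912
    ltsr: bool = False  # True for a Long Term Service Release line
    cu: int = 0         # cumulative update number (LTSR only)
    hotfix: int = 0     # hotfix number within that CU (LTSR only)

def assess(v: WorkspaceVersion) -> str:
    """Return 'affected', 'fixed' or 'unknown' for one installed version."""
    if not v.ltsr:
        # Current Release line: every release before 2212 is listed as affected.
        return "fixed" if v.release >= CR_FIXED_RELEASE else "affected"
    threshold = LTSR_FIXED.get(v.release)
    if threshold is None:
        # LTSR line not covered by the bulletin: flag for manual review, do not guess.
        return "unknown"
    # (CU, hotfix) compares as a tuple, so CU7 HF1 < CU7 HF2 < CU8 HF0.
    return "fixed" if (v.cu, v.hotfix) >= threshold else "affected"

def triage(inventory: dict[str, WorkspaceVersion]) -> dict[str, list[str]]:
    """Group hostnames by assessment so the 'affected' list can drive upgrades."""
    groups: dict[str, list[str]] = {"affected": [], "fixed": [], "unknown": []}
    for host, version in inventory.items():
        groups[assess(version)].append(host)
    return groups

# Constructed sample inventory (hostnames and version mix are made up).
SAMPLE_INVENTORY = {
    "ws-01": WorkspaceVersion(2209),                              # CR before 2212
    "ws-02": WorkspaceVersion(2212),                              # first fixed CR
    "ws-03": WorkspaceVersion(2203, ltsr=True, cu=1),             # 2203 LTSR CU1
    "ws-04": WorkspaceVersion(2203, ltsr=True, cu=2),             # 2203 LTSR CU2
    "ws-05": WorkspaceVersion(1912, ltsr=True, cu=7, hotfix=1),   # 1912 CU7 HF1
    "ws-06": WorkspaceVersion(1912, ltsr=True, cu=7, hotfix=2),   # 19.12.7002
    "ws-07": WorkspaceVersion(1800, ltsr=True, cu=3),             # placeholder line not in bulletin
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```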

Citrix strongly recommends that customers upgrade to a fixed version as soon as possible. 

The latest version of Citrix Workspace app for Windows is available from the following Citrix website location: 

https://www.citrix.com/downloads/workspace-app/windows/ 

The latest LTSR version of Citrix Workspace app for Windows is available from the following Citrix website location: 

https://www.citrix.com/downloads/workspace-app/workspace-app-for-windows-long-term-service-release/ 

Citrix Workspace App 1912 LTSR CU7 Hotfix 2 (19.12.7002) is available from the following Citrix website location:

https://support.citrix.com/article/CTX473064/hotfix-citrix-workspace-app-for-windows-1912-ltsr-cu7-hotfix-2-19127002-english

Acknowledgements

Citrix would like to thank the Lockheed Martin Red Team for working with us to protect Citrix customers.

Additional Information

Date        Change
2023-02-14  Initial publication