Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows contain the vulnerabilities mentioned below
|
CVE-ID |
Description | Affected Products | Pre-conditions | CWE | CVSSv4 |
| CVE-2026-53565 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges |
Citrix Secure Access Client for Windows
|
Standard user access on local system | CWE-269: Improper Privilege Management |
CVSS v4.0 Base Score: 8.5 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) |
| CVE-2026-53566 | Out-of-bounds memory read | Citrix Secure Access Client for Windows | Standard user access on local system and DNE driver is not installed | CWE-125: Out-of-bounds Read |
CVSS v4.0 Base Score: 6.8
|
Cloud Software Group strongly urges customers of Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client to install the relevant updated versions as soon as possible:
CVE-2026-53566:
Customers can determine if the DNE driver is not installed by referring to the following documentation: https://docs.netscaler.com/en-us/netscaler-gateway/current-release/vpn-user-config/select-gateway-plugin-for-users.html#completely-skip-the-dne-installation
Cloud Software Group thanks Carlos Garrido of Pentraze Cybersecurity for working with us to protect our customers.
Severity - High
Vulnerabilities have been discovered in the Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client. Refer to the information below for further details:
The following supported versions of Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows are affected by CVE-2026-53565:
The following supported versions of Citrix Secure Access Client for Windows are affected by CVE-2026-53566:
Citrix is notifying customers and channel partners about this potential security issue through the publication of this security bulletin on the Citrix Knowledge Center at https://support.citrix.com/support-home/topic-article-list?trendingCategory=20&trendingTopicName=Security%20Bulletin
If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://support.citrix.com/support-home/home
Citrix strongly recommends that all customers subscribe to receive alerts when a Citrix security bulletin is created or modified at https://support.citrix.com/wolken-support/view/aboutsupport/my-support-alerts
Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please see the following webpage: https://www.cloud.com/trust-center/support
| 2026-07-14 | Initial Publication |