CVE-2016-9111

MEDIUM

Citrix Receiver Desktop Lock 4.5 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-9111. PoCs published by Rithwik Jayasimha.

AI-analyzed exploit summary This exploit describes an incorrect access control vulnerability in Citrix Receiver/Receiver Desktop Lock 4.5, allowing physical attackers to bypass authentication by temporarily disconnecting the network. The method relies on manipulating network connectivity to unlock a locked VDI session.

Description

Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating "the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us."

Exploits (1)

exploitdb WRITEUP
by Rithwik Jayasimha · textlocalmultiple
https://www.exploit-db.com/exploits/40686

This exploit describes an incorrect access control vulnerability in Citrix Receiver/Receiver Desktop Lock 4.5, allowing physical attackers to bypass authentication by temporarily disconnecting the network. The method relies on manipulating network connectivity to unlock a locked VDI session.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Racy
Target: Citrix Receiver/Receiver Desktop Lock 4.5
No auth needed
Prerequisites: physical access to the target system · a locked VDI session with an active user
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://vuldb.com/?id.93250
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037176
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40686/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94229

Scores

CVSS v3 6.8
EPSS 0.0178
EPSS Percentile 75.5%
Attack Vector PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-254 CWE-284
Status published
Products (1)
citrix/receiver_desktop 4.5
Published Nov 07, 2016
Tracked Since Feb 18, 2026