CVE-2020-13885

HIGH

Citrix Workspace App < 2006.1 - Incorrect Default Permissions

Title source: rule

Description

Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application.

Exploits (1)

nomisec WRITEUP 1 stars

by hessandrew · poc

https://github.com/hessandrew/CVE-2020-13885

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/hessandrew/CVE-2020-13885

Vendor Advisory x_refsource_confirm

https://support.citrix.com/article/CTX275460

Scores

CVSS v3 7.8

EPSS 0.0016

EPSS Percentile 36.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-276

Status published

Products (1)

citrix/workspace_app < 2006.1

Published Jun 08, 2020

Tracked Since Feb 18, 2026