CVE-2020-8269
HIGH EXPLOITED RANSOMWARECitrix Virtual Apps and Desktops < 2009, 1912 LTSR CU1, 7.15 LTSR CU6, 7.6 LTSR CU9 - Privilege Escalation to SYSTEM
Title source: llmExploitation Summary
CVE-2020-8269 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.citrix.com/article/CTX285059
Scores
CVSS v3
8.8
EPSS
0.0037
EPSS Percentile
58.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2021-01-26
Ransomware Use
Confirmed
CWE
CWE-269
Status
published
Products (8)
citrix/virtual_apps_and_desktops
< 2006
citrix/virtual_apps_and_desktops
1903 - 1912
citrix/xenapp
7.6 (2 CPE variants)
citrix/xenapp
7.15 (2 CPE variants)
citrix/xenapp
< 7.6
citrix/xendesktop
7.6 (2 CPE variants)
citrix/xendesktop
7.15 (2 CPE variants)
citrix/xendesktop
< 7.6
Published
Nov 16, 2020
Tracked Since
Feb 18, 2026