CVE-2023-24485

HIGH

Citrix Workspace app - Privilege Escalation

Title source: llm

Description

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

References (1)

Core 1

Core References

Patch, Vendor Advisory

https://support.citrix.com/article/CTX477617/citrix-workspace-app-for-windows-security-bulletin-for-cve202324484-cve202324485

Scores

CVSS v3 7.8

EPSS 0.0014

EPSS Percentile 34.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-284 CWE-863

Status published

Products (3)

citrix/workspace 1912 (8 CPE variants)

citrix/workspace 2203.1 (2 CPE variants)

citrix/workspace < 2212

Published Feb 16, 2023

Tracked Since Feb 18, 2026