Citrix has released security updates to address two critical vulnerabilities, tracked as CVE-2024-7889 and CVE-2024-7890, affecting the Citrix Workspace app for Windows.
These flaws could allow local attackers to gain SYSTEM privileges on compromised machines.
The vulnerabilities impact the following supported versions of the Citrix Workspace app for Windows:
- Current Release (CR) versions before 2405
- Long Term Service Release (LTSR) versions before 2402 LTSR CU1
CVE-2024-7889 is a local privilege escalation flaw that allows a low-privileged user to gain SYSTEM privileges by improperly controlling a resource through its lifetime (CWE-664). It has a CVSS v4.0 base score of 7.0.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
Similarly, CVE-2024-7890 also enables a low-privileged local user to escalate to SYSTEM privileges due to improper privilege management (CWE-269). This bug has a CVSS v4.0 base score of 5.4.
Both vulnerabilities require the attacker to have local access to the target system in order to be exploited.
Citrix strongly recommends customers upgrade their Citrix Workspace app for Windows installations to the following patched versions as soon as possible:
- Current Release (CR) 2405 and later
- Long-Term Service Release (LTSR) 2402 CU1 and later
To further harden Citrix Virtual Apps and Desktops (CVAD) environments against potential threats, Citrix provides the following security best practices:
- Use an encrypted Base URL for StoreFront deployments
- Enable ICA file signing on StoreFront servers
- Configure VDA encryption on VDA and Delivery Group objects
- Restrict physical access to Citrix ADC appliances
Applying these recommendations, in addition to staying up-to-date on security patches, can help establish a robust security baseline for virtualized environments.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also published an alert encouraging users and administrators to review Citrix’s security updates and apply them promptly.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar