Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows.
These vulnerabilities, identified as CVE-2024-7889 and CVE-2024-7890, pose significant security risks. They allow local privilege escalation that could enable attackers to gain SYSTEM-level access.
The severity of these vulnerabilities has been classified as high, prompting urgent attention from organizations using affected software versions.
Affected Versions
The vulnerabilities affect specific versions of the Citrix Workspace app for Windows. Current Release (CR) users should note that versions before 2405 are vulnerable.
Similarly, for those using the Long Term Service Release (LTSR), versions before 2402 LTSR CU1 are at risk. Users must verify their software version and apply necessary updates to mitigate potential threats.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
Table: Affected Versions
| Release Type | Vulnerable Versions |
| Current Release (CR) | Before 2405 |
| Long Term Service Release (LTSR) | Before 2402 LTSR CU1 |
Vulnerability Details
CVE-2024-7889
CVE-2024-7889 is a local privilege escalation vulnerability that allows a low-privileged user to gain SYSTEM privileges on the affected system.
The vulnerability arises from CWE-664, which involves improper resource control throughout its lifetime.
This flaw has a CVSS v4.0 Base Score of 7.0, indicating a high level of risk. The attack requires local access to the target system, but it could lead to significant security breaches once exploited.
CVE-2024-7890
CVE-2024-7890, another local privilege escalation vulnerability, also enables a low-privileged user to gain SYSTEM privileges.
This issue stems from CWE-269, which pertains to improper privilege management.
With a CVSS v4.0 Base Score of 5.4, this vulnerability is slightly less severe than CVE-2024-7889 but still poses a substantial threat. Similar to the previous vulnerability, local access to the system is required for exploitation.
Mitigation and Recommendations
Citrix has acknowledged the severity of these vulnerabilities and is urging users to update their Citrix Workspace app for Windows to the latest versions.
The company has provided patches that address these security issues, and organizations must implement these updates promptly to protect their systems from potential attacks.
The discovery of these vulnerabilities in the Citrix Workspace app for Windows underscores the importance of maintaining robust cybersecurity measures.
Organizations must act swiftly to apply the recommended patches and safeguard their systems against potential privilege escalation attacks.
By staying informed and proactive, businesses can mitigate risks and protect their critical assets from cyber threats.
Simulating Cyberattack Scenarios With All-in-One Cybersecurity Platform – Watch Free Webinar