Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix workspace 1912 |
||
citrix workspace 2002 |
Patch out for Pen Test Partners-spotted vuln – you know what to do
Research outfit Pen Test Partners has uncovered a vulnerability in the Citrix Workspace app potentially allowing a privilege escalation to lead to full remote compromise of the host machine. The flaw, CVE-2020-8207 (not yet reserved at the time of publication), sees Workspace app's automatic update feature abused to gain access to a vulnerable Workspace app installation, with the attack vector being a named pipe. The hole has been patched and users of Citrix Workspace app should install the late...
Patch out for Pen Test Partners-spotted vuln – you know what to do
Research outfit Pen Test Partners has uncovered a vulnerability in the Citrix Workspace app potentially allowing a privilege escalation to lead to full remote compromise of the host machine. The flaw, CVE-2020-8207 (not yet reserved at the time of publication), sees Workspace app's automatic update feature abused to gain access to a vulnerable Workspace app installation, with the attack vector being a named pipe. The hole has been patched and users of Citrix Workspace app should install the late...