Published: 16/11/2020 Updated: 03/12/2020

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions prior to 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix virtual apps and desktops
citrix xenapp
citrix xenapp 7.6
citrix xenapp 7.15
citrix xendesktop
citrix xendesktop 7.6
citrix xendesktop 7.15

Description of Problem Vulnerabilities have been identified in Citrix Virtual Apps and Desktops that could, if exploited, result in: An authenticated user of a multi-session Windows VDA, who has been granted permission to write to c:\ root directory, being able to escalate their privilege level ...

CWE-269 https://support.citrix.com/article/CTX285059 https://nvd.nist.gov https://support.citrix.com/article/CTX285059

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-8269

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect