← Back

CVE-2023-24483

nvd nist
Published: Feb 16, 2023Modified: Mar 18, 2025

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.

Affected (9)

Citrix
1 product
Virtual Apps And Desktops
Configuration A
9 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Citrix
Virtual Apps And Desktops
Before 2212
Virtual Apps And Desktops
Version 1912
Virtual Apps And Desktops
Version 1912 cu1
Virtual Apps And Desktops
Version 1912 cu2
Virtual Apps And Desktops
Version 1912 cu3
Virtual Apps And Desktops
Version 1912 cu4
Virtual Apps And Desktops
Version 1912 cu5
Virtual Apps And Desktops
Version 2203
Virtual Apps And Desktops
Version 2203 cu1
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

Source: secure@citrix.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.