Improper privilege management in Citrix Endpoint Analysis Client for Windows and Secure Access Client for Windows - CVE-2026-53565

 

Improper privilege management in Citrix Endpoint Analysis Client for Windows and Secure Access Client for Windows - CVE-2026-53565

Published: July 15, 2026


Vulnerability identifier: #VU137689
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-53565
CWE-ID: CWE-269
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Citrix
Affected software:
Citrix Endpoint Analysis Client for Windows
Secure Access Client for Windows

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges to SYSTEM.

The vulnerability exists due to improper privilege management in Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows when running on a local system. A local user can exploit the privilege management flaw to escalate privileges to SYSTEM.


How to mitigate CVE-2026-53565

Install security update from vendor's website.

Sources