Vulnerability identifier: #VU46990
Vulnerability risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-345
Exploitation vector: Network
Exploit availability: No
Vulnerable software: Citrix Workspace for Windows (Server applications / Remote management servers, RDP, SSH)
Vendor: Citrix
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists within the automatic update service due to improper verification of data authenticity when installing updates. A remote attacker can execute an arbitrary application on the system with elevated privileges.
Successful exploitation of the vulnerability requires that Windows file sharing (SMB) is enabled on the affected system and the updater service is running.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Citrix Workspace for Windows: 1808 - 2006.1
External links
http://support.citrix.com/article/CTX277662
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.