CVE-2024-6286 & CVE-2024-6151: High-Risk Vulnerabilities in Citrix Workspace and Virtual Delivery Agent
Citrix has published a security advisory for two vulnerabilities, CVE-2024-6286 and CVE-2024-6151, affecting the Citrix Workspace app for Windows and the Virtual Delivery Agent (VDA) for Windows respectively. Both carry a CVSSv4 base score of 8.5 (High).
Local Privilege Escalation Risks
- CVE-2024-6286: Citrix Workspace App for Windows
A local privilege escalation vulnerability in the Citrix Workspace app for Windows allows a low-privileged user to gain SYSTEM privileges, the highest local privilege level on Windows. Exploitation requires the attacker to already be able to run code as a standard user on the endpoint (for example via a phishing payload or a compromised account), but from there it yields full control of the machine.
- CVE-2024-6151: Virtual Delivery Agent for Windows
A similar local privilege escalation vulnerability exists in the Virtual Delivery Agent for Windows used by Citrix Virtual Apps and Desktops and Citrix DaaS; again, a low-privileged user can escalate to SYSTEM. On multi-session VDAs this is especially serious: many users share one host, so a single user's session reaching SYSTEM exposes every other session and every published application on that machine.
Affected Versions
The following versions of Citrix software are affected:
- Citrix Workspace app for Windows: Current Release versions before 2403.1, and Long Term Service Release (LTSR) versions before 2402 LTSR
- Virtual Delivery Agent for Windows: Current Release versions before 2402, and LTSR versions without the cumulative update specified in the advisory
Immediate Action Required
Citrix urges all customers to update to a fixed version as soon as possible. Note that the Workspace app lives on end-user devices, so the fix has to reach every client endpoint, not just the VDA fleet in the data center:
- Citrix Workspace app for Windows: 2403.1 or later (Current Release), or 2402 LTSR or later (Long Term Service Release)
- Virtual Delivery Agent for Windows: 2402 or later (Current Release), or the cumulative update specified in the advisory for LTSR versions
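As an added example (this is not Citrix's own tooling and does not come from the advisory), the PowerShell below inventories the two affected products on a Windows host from the standard Uninstall registry keys and classifies each install against the fixed versions listed above. The display-name patterns, the version-string format, and the mapping of Workspace app 2403.1 / 2402 LTSR to internal versions 24.3.1 / 24.2 are assumptions to verify against the advisory; the VDA's internal build number for the fixed release is not on this page, so it must be passed in via `-VdaFixedVersion`. The sample entries at the bottom are constructed, not real inventory data.

```powershell
# Added example: inventory check for CVE-2024-6286 / CVE-2024-6151. Not Citrix tooling.
# Assumptions (verify against the Citrix advisory before acting on the output):
#   - Installed Citrix products appear under the Uninstall registry keys with
#     Publisher "Citrix*" and a dotted-numeric DisplayVersion.
#   - Workspace app DisplayVersion is YY.M.x.build, so 2403.1 is assumed to show as
#     24.3.1.* (CR stream) and 2402 LTSR as 24.2.* (LTSR stream, name contains "LTSR").
#   - The VDA reports Citrix's internal 7.x build numbers, which the summary above does
#     not list, so the fixed VDA build must be supplied via -VdaFixedVersion; without it
#     the VDA is reported as CHECK-MANUALLY rather than silently marked patched.

function Test-CitrixEntry {
    param(
        [Parameter(Mandatory)] [string]$DisplayName,
        [Parameter(Mandatory)] [string]$DisplayVersion,
        [version]$WorkspaceCrFixed   = '24.3.1',   # assumption: maps to 2403.1
        [version]$WorkspaceLtsrFixed = '24.2',     # assumption: maps to 2402 LTSR
        [version]$VdaFixedVersion    = $null       # take from the advisory
    )
    # Keep only the leading dotted-numeric part so [version] can parse it.
    $numeric = ($DisplayVersion -replace '[^\d.].*$', '').TrimEnd('.')
    $ver = $null
    if (-not [version]::TryParse($numeric, [ref]$ver)) {
        return [pscustomobject]@{ Product = $DisplayName; Version = $DisplayVersion; CVE = 'n/a'; Status = 'UNPARSEABLE' }
    }

    if ($DisplayName -match '^Citrix Workspace') {
        $cve = 'CVE-2024-6286'
        # CR and LTSR are separate streams: a patched 2402 LTSR is numerically below 2403.1,
        # so comparing every Workspace install against 24.3.1 would give false positives.
        $fixed = if ($DisplayName -match 'LTSR') { $WorkspaceLtsrFixed } else { $WorkspaceCrFixed }
    }
    elseif ($DisplayName -match 'Virtual Delivery Agent') {
        $cve   = 'CVE-2024-6151'
        $fixed = $VdaFixedVersion
    }
    else {
        return $null   # not a product covered by this advisory
    }

    $status = if ($null -eq $fixed)    { 'CHECK-MANUALLY' }
              elseif ($ver -lt $fixed) { 'VULNERABLE' }
              else                     { 'PATCHED' }
    [pscustomobject]@{ Product = $DisplayName; Version = $ver; CVE = $cve; Status = $status }
}

function Get-CitrixPatchStatus {
    # Scans both the native and WOW6432Node Uninstall hives on the local host.
    param([version]$VdaFixedVersion = $null)
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -and $_.DisplayVersion -and $_.Publisher -like 'Citrix*' } |
        ForEach-Object {
            Test-CitrixEntry -DisplayName $_.DisplayName -DisplayVersion $_.DisplayVersion -VdaFixedVersion $VdaFixedVersion
        } |
        Where-Object { $null -ne $_ }
}

# Constructed sample entries (not real inventory data) so the classification can be seen
# without touching the registry; on a real host run Get-CitrixPatchStatus instead.
$samples = @(
    @{ DisplayName = 'Citrix Workspace 2311';              DisplayVersion = '23.11.0.10' },
    @{ DisplayName = 'Citrix Workspace 2403.1';            DisplayVersion = '24.3.1.10'  },
    @{ DisplayName = 'Citrix Workspace 2402 LTSR';         DisplayVersion = '24.2.0.10'  },
    @{ DisplayName = 'Citrix Virtual Delivery Agent 2402'; DisplayVersion = '7.41.0.10'  }
)
$samples | ForEach-Object { $entry = $_; Test-CitrixEntry @entry } | Format-Table -AutoSize
```

The point of the separate CR and LTSR thresholds is the edge case in the version table above: a host on 2402 LTSR is fixed, yet its version number sorts below 2403.1, so a single numeric cut-off would report it as vulnerable. Treat any CHECK-MANUALLY row as unresolved until the VDA build from the advisory has been supplied, and push the scan out through whatever fleet tooling you already use so that the Workspace app on endpoints is covered, not only the VDAs.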