Vulnerabilities > CVE-2023-24491 - Unspecified vulnerability in Citrix Secure Access Client

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

citrix

NVD

Published: 2023-07-11

Updated: 2023-07-19

Summary

A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix Secure Access Client *	1
OS	Microsoft Microsoft Windows -	1

References

https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491