In an era where digital threats persistently test the fortresses of our digital world, our shields must continuously adapt and evolve. Recently, two significant vulnerabilities have been unearthed in the Citrix Secure Access client, one in the Windows client and one in the Ubuntu client. These security gaps, if left unchecked, could grant attackers unauthorized access to our digital domains.
CVE-2023-24491: Local Privilege Escalation in Citrix Secure Access client for Windows
First on our radar is CVE-2023-24491, a security vulnerability with a CVSS score of 7.8, found lurking in the Citrix Secure Access client for Windows. Akin to a treacherous gatekeeper, this flaw could permit an intruder with standard user account access to escalate their local privileges to that of NT AUTHORITY\SYSTEM. This issue afflicts versions prior to 23.5.1.3.
Fear not, for Citrix has swiftly crafted a countermeasure. Starting from version 23.5.1.3, this local privilege escalation is thwarted. For those still wielding versions vulnerable to this flaw, an immediate upgrade is imperative. If the Citrix Secure Access client for Windows is dispensed via the SSL VPN upgrade control feature of Citrix ADC or Citrix Gateway, scrutinize the versions being distributed. If you identify a vulnerable version, swift action is needed to replace it.
CVE-2023-24492: Remote Code Execution in Citrix Secure Access client for Ubuntu
The second flaw, CVE-2023-24492, is critical. This vulnerability, discovered in the Citrix Secure Access client for Ubuntu, bears a CVSS score of 9.6. An attacker can remotely execute code if the user, unwittingly playing into the attacker’s hands, clicks on a malicious link and accepts subsequent prompts. This vulnerability skulks in versions preceding 23.5.2.
The cure for this lethal poison lies in upgrading to version 23.5.2 and subsequent releases, which have been immunized against this threat. If the Citrix Secure Access client for Ubuntu is disseminated via the SSL VPN upgrade control feature of Citrix ADC or Citrix Gateway, inspect the versions being rolled out. Should you spot a vulnerable version, it must be promptly replaced.
For those distributing the client directly onto users’ devices, ensure your users are equipped with the secure client by downloading it from Citrix’s repository.
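Both remediation passages above come down to the same check: compare the client version actually installed (or the version the SSL VPN upgrade control feature is distributing) against the first fixed version, 23.5.1.3 for the Windows client and 23.5.2 for the Ubuntu client. The script below is an added example, not Citrix's tooling or code from the advisory; it takes the fixed versions from the text, compares versions component by component (a plain string comparison would wrongly rank "23.5.1.10" below "23.5.1.3"), and flags which hosts in a constructed inventory still need an upgrade. How the installed version is collected from each endpoint is left to your inventory tooling; the inventory list here is constructed sample data.

```python
"""Flag Citrix Secure Access client installs that are below the fixed
versions for CVE-2023-24491 (Windows) and CVE-2023-24492 (Ubuntu).

Added example. The fixed versions come from the advisory text; the host
inventory at the bottom is constructed sample data.
"""

# First non-vulnerable version per platform, as stated in the advisory.
FIXED_VERSIONS = {
    "windows": ("CVE-2023-24491", "23.5.1.3"),
    "ubuntu": ("CVE-2023-24492", "23.5.2"),
}


def parse_version(version: str) -> tuple:
    """Split a dotted version into a tuple of ints.

    Numeric components compare correctly ("23.5.1.10" > "23.5.1.3"),
    whereas a string comparison would get that wrong.
    """
    parts = []
    for piece in version.strip().split("."):
        if not piece.isdigit():
            raise ValueError(f"non-numeric component {piece!r} in version {version!r}")
        parts.append(int(piece))
    return tuple(parts)


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 for a < b, a == b, a > b.

    Shorter versions are padded with zeros so "23.5.2" == "23.5.2.0".
    """
    ta, tb = parse_version(a), parse_version(b)
    width = max(len(ta), len(tb))
    ta += (0,) * (width - len(ta))
    tb += (0,) * (width - len(tb))
    return (ta > tb) - (ta < tb)


def is_vulnerable(platform: str, installed: str) -> bool:
    """True when the installed version is older than the fixed version."""
    _cve, fixed = FIXED_VERSIONS[platform.lower()]
    return compare_versions(installed, fixed) < 0


def triage(inventory):
    """Given (hostname, platform, installed_version) records, return
    (hostname, cve, installed, fixed) for every host that needs an upgrade."""
    findings = []
    for host, platform, installed in inventory:
        cve, fixed = FIXED_VERSIONS[platform.lower()]
        if compare_versions(installed, fixed) < 0:
            findings.append((host, cve, installed, fixed))
    return findings


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = [
    ("win-laptop-01", "windows", "23.5.1.2"),   # below the fix
    ("win-laptop-02", "windows", "23.5.1.3"),   # exactly the fixed version
    ("win-laptop-03", "windows", "23.5.1.10"),  # newer than the fix, despite sorting first as a string
    ("ubu-desk-01", "ubuntu", "23.5.1"),        # below the fix
    ("ubu-desk-02", "ubuntu", "23.5.2"),        # exactly the fixed version
    ("ubu-desk-03", "ubuntu", "22.12.1"),       # well below the fix
]

if __name__ == "__main__":
    for host, cve, installed, fixed in triage(SAMPLE_INVENTORY):
        print(f"{host}: {cve} - installed {installed}, upgrade to {fixed} or later")
```

Feed the same function the version configured in the upgrade control feature of Citrix ADC or Citrix Gateway: if that version is flagged, the gateway is still pushing a vulnerable client to endpoints and needs to be updated before re-checking the endpoints themselves.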