Citrix Workspace 1912



  1. Citrix Workspace 1912 For Windows 10
  2. Cumulative Update 1 (CU1) - Citrix Docs
  3. See All Results For This Question

Citrix Workspace App for Windows 1912 LTSR Ask question Announcements. Seamlessly Migrate on-premises Citrix ADM to Citrix Cloud. For more information. Citrix Virtual Apps and Desktops (CVAD) 1912 is a Long-Term Support Release (LTSR), which is supported for 5 years from the December 2019 release date. Citrix will periodically release Cumulative Updates for 1912 LTSR. Virtual Apps and Desktops Component Architecture Poster; Citrix VDI Best Practices for XenApp and XenDesktop 7.15 LTSR.

Modified

This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.

Current Description

Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.


Analysis Description

Citrix Workspace App before 2006.1 on Windows has Insecure Permissions for %PROGRAMDATA%Citrix (and an unquoted UninstallString), which allows local users to gain privileges by copying a malicious citrix.exe there.

Severity

CVSS 3.x Severity and Metrics:
NIST:NVD
Vector:NVD
Vector:HyperlinkResourcehttps://github.com/hessandrew/CVE-2020-13884ExploitThird Party Advisoryhttps://support.citrix.com/article/CTX275460

Weakness Enumeration

CWE-IDCWE NameSource
CWE-276Incorrect Default PermissionsNIST

Known Affected Software Configurations Switch to CPE 2.2

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found show changes
downloadWhy can't I download this file?

A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in:

  • A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows.

  • A remote compromise of the computer running Citrix Workspace app when Windows file sharing (SMB) is enabled.

The issue has the following identifier:

  • CVE-2020-8207

This vulnerability affects the following supported versions of Citrix Workspace app for Windows:

  • Citrix Workspace app 2002, 2006 and 2006.1 for Windows
  • Citrix Workspace app 1912 LTSR for Windows (before CU1 Hotfix 1)

Note that this vulnerability was originally reported against a subset of the versions above. However, further investigation has discovered potential variant forms of this attack and the affected versions have been amended accordingly.

This vulnerability does not affect Citrix Workspace app on any other platforms or any supported versions of Citrix Receiver.

Mitigating Factors

This vulnerability only exists if Citrix Workspace app was installed using an account with local or domain administrator privileges. It does not exist when a standard Windows user installed Citrix Workspace app for Windows.

A remote compromise is only possible when the user has enabled Windows file sharing (SMB) and only when the updater service is running. If authentication is required for SMB then an attacker must be able to authenticate before they could exploit this issue.

Users with automatic updates enabled and applied should have already been updated to a fixed version.

What Customers Should Do

The issue has been addressed in the following versions of Citrix Workspace app for Windows:

  • Citrix Workspace App 2008 or later
  • Citrix Workspace App 1912 LTSR CU1 Hotfix 1 (19.12.1001) and later cumulative updates

Note that these versions have been updated since the original publication of this bulletin.

Citrix strongly recommends that customers check if the version they are running has been automatically updated and, if necessary, upgrade to a fixed version as soon as possible.

The latest version of Citrix Workspace app for Windows is available from the following Citrix website location:

The latest LTSR version of Citrix Workspace app for Windows is available from the following Citrix website location:

Acknowledgements

Citrix workspace 1912 cu2 download

Citrix Workspace 1912 For Windows 10

Citrix would like to thank Ceri Coburn at Pen Test Partners for working with us to protect Citrix customers during both the initial disclosure of this issue and subsequent variants.

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

Obtaining Support on This Issue

Cumulative Update 1 (CU1) - Citrix Docs

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.

Reporting Security Vulnerabilities

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please visit the Citrix Trust Center at https://www.citrix.com/about/trust-center/vulnerability-process.html.

Changelog

See All Results For This Question

Date Change
2020-07-21Initial Publication
2020-09-08Revision of fixed versions