Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Citrix — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Citrix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Citrix Systems provides virtualization and remote access solutions, primarily enabling secure delivery of applications and desktops to users across networks. Its portfolio, including Virtual Apps and Desktops, is critical for enterprise workforce flexibility but has historically attracted significant security scrutiny. The platform has been associated with numerous Common Vulnerabilities and Exposures, including thirty-eight recorded instances, often involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities frequently stem from complex integration points and legacy components within its architecture. Notably, the 2023 breach involving the MOVEit Transfer software, though technically a separate entity, highlighted broader supply chain risks affecting the ecosystem. Security researchers emphasize that improper configuration and delayed patching of these known weaknesses have facilitated unauthorized access, underscoring the necessity for rigorous vulnerability management and continuous monitoring to mitigate exposure to sophisticated threat actors targeting remote access infrastructure.

Top products by Citrix: Citrix Workspace App for Windows Citrix Gateway, Citrix ADC Citrix Application Delivery Management (Citrix ADM) Citrix ADC and Citrix Gateway  Secure Access Client for Mac Citrix Workspace app for HTML5 NetScaler ADC  NetScaler ADC Windows Virtual Delivery Agent for CVAD and Citrix DaaS Federated Authentication Service (FAS) Workspace App for Windows Secure Access Client for Windows Citrix Session Recording uberAgent Citrix Provisioning Windows Virtual Delivery Agent Citrix Hypervisor Citrix SD-WAN Standard/Premium Editions Citrix Secure Access client for Windows Citrix Secure Access client for Ubuntu Citrix ShareFile Storage Zones Controller Virtual Delivery Agents for Windows for CVAD and Citrix DaaS Security Citrix Workspace app for Linux Citrix Virtual Apps and Desktops Citrix Gateway, Citrix ADC StoreFront
CVE IDTitleCVSSSeverityPublished
CVE-2025-6759 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Windows Virtual Delivery Agent for CVAD and Citrix DaaSCWE-269 7.8AIHighAI2025-07-08
CVE-2025-0320 Citrix Secure Access - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Secure Access Client for WindowsCWE-269 7.8AIHighAI2025-06-17
CVE-2025-4879 Citrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Workspace App for WindowsCWE-269 7.8AIHighAI2025-06-17
CVE-2025-1223 An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data — Secure Access Client for MacCWE-427 7.1 -2025-02-20
CVE-2025-1222 An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data — Secure Access Client for Mac 7.7 -2025-02-20
CVE-2024-8068 Privilege escalation to NetworkService Account access — Citrix Session RecordingCWE-269 8.8AIHighAI2024-11-12
CVE-2024-7890 Local privilege escalation allows a low-privileged user to gain SYSTEM privileges — Citrix Workspace app for Windows 7.8AIHighAI2024-09-11
CVE-2024-7889 Local privilege escalation allows a low-privileged user to gain SYSTEM privileges — Citrix Workspace app for Windows 7.8AIHighAI2024-09-11
CVE-2024-6677 Citrix Systems uberAgent 安全漏洞 — uberAgent 8.8 -2024-07-12
CVE-2024-6149 Citrix Systems Workspace App 安全漏洞 — Citrix Workspace app for HTML5 6.1AIMediumAI2024-07-10
CVE-2024-6148 Citrix Systems Workspace App 安全漏洞 — Citrix Workspace app for HTML5 6.5AIMediumAI2024-07-10
CVE-2024-6150 Citrix Systems Provisioning 安全漏洞 — Citrix Provisioning 7.7AIHighAI2024-07-10
CVE-2024-6286 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Citrix Workspace app for Windows 7.8AIHighAI2024-07-10
CVE-2024-6151 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Windows Virtual Delivery Agent 7.8AIHighAI2024-07-10
CVE-2024-5661 Potential Denial of Service affecting XenServer and Citrix Hypervisor — Citrix Hypervisor 6.8AIMediumAI2024-06-13
CVE-2024-2049 Server-Side Request Forgery (SSRF) — Citrix SD-WAN Standard/Premium EditionsCWE-918 6.5 Medium2024-03-12
CVE-2023-4966 Unauthenticated sensitive information disclosure — NetScaler ADCCWE-119 9.4 Critical2023-10-10
CVE-2023-3467 Citrix ADC 和 Citrix Gateway 安全漏洞 — NetScaler ADC CWE-269 8.0 High2023-07-19
CVE-2023-3466 Citrix ADC 和 Citrix Gateway 跨站脚本漏洞 — NetScaler ADC CWE-20 8.3 High2023-07-19
CVE-2023-3519 Citrix ADC 和 Citrix Gateway 代码注入漏洞 — NetScaler ADCCWE-94 9.8 Critical2023-07-19
CVE-2023-24492 Citrix Systems Secure Access 代码注入漏洞 — Citrix Secure Access client for UbuntuCWE-94 9.6 Critical2023-07-11
CVE-2023-24491 Citrix Systems Secure Access 安全漏洞 — Citrix Secure Access client for WindowsCWE-269 7.8 High2023-07-11
CVE-2023-24489 Citrix Systems Content Collaboration 安全漏洞 — Citrix ShareFile Storage Zones ControllerCWE-284 9.8 Critical2023-07-10
CVE-2023-24490 Users with only access to launch VDA applications can launch an unauthorized desktop — Virtual Delivery Agents for Windows for CVAD and Citrix DaaS SecurityCWE-284 6.3 Medium2023-07-10
CVE-2023-24487 Arbitrary file read — Citrix ADC and Citrix Gateway CWE-253 6.3 Medium2023-07-10
CVE-2023-24488 Cross site scripting — Citrix ADC and Citrix Gateway CWE-79 6.1 Medium2023-07-10
CVE-2023-24486 Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications — Citrix Workspace app for LinuxCWE-284 7.8 -2023-07-10
CVE-2023-24485 Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows — Citrix Workspace App for WindowsCWE-284 7.8 -2023-02-16
CVE-2023-24483 Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA — Citrix Virtual Apps and DesktopsCWE-269 7.8 -2023-02-16
CVE-2023-24484 A malicious user can cause log files to be written to a directory that they do not have permission to write to. — Citrix Workspace App for WindowsCWE-284--2023-02-16

This page lists every published CVE security advisory associated with Citrix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.