CVE-2023-24485

CVE-2023-24485: Privilege Escalation on the system running a vulnerable version of Citrix Workspace app for Windows

Vendor Citrix

Product Citrix Workspace App for Windows

Weakness CWE-284

Published February 16, 2023

Last update March 19, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.

Key dates

02Disclosure timeline

February 16, 2023 CVE published

March 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-24485

Related vulnerabilities

04Related CVE

CVE-2026-45301 Open WebUI: Missing permission check in files API allows authenticated users to list, access and delete every uploaded file CVE-2025-24424 Adobe Commerce | Improper Access Control (CWE-284) CVE-2025-32790 Dify Allows Insecure User Role Access Control for APP DSL Exporting CVE-2025-49692 Azure Connected Machine Agent Elevation of Privilege Vulnerability CVE-2025-2546 D-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access control