1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Citrix CVE-2019-11634 Activity

Web Attack: Citrix CVE-2019-11634 Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to execute arbitrary code on the device.

Additional Information

Citrix Workspace App and Receiver for Windows are prone to a remote code-execution vulnerability. Specifically, this issue occurs due to insufficient access permissions enforcement on local drive access. An attacker can exploit this issue to gain read/write access to the clients local drives.

Successfully exploiting this issue will allow attackers to execute arbitrary code on the device.

Affected

  • The following products are vulnerable:
  • Citrix Workspace App for Windows versions prior to 1904 are vulnerable.
  • Citrix Receiver for Windows version LTSR 4.9 CU6 is vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube