CVE-2024-6151

EUVD-2024-47295
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Virtual Delivery Agent for Windows used by Citrix Virtual Apps and Desktops and Citrix DaaS
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
citrixvirtual_apps_and_desktops
𝑥
≤ 2311
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
citrixvirtual_apps_and_desktops
𝑥
< 2402
ADP
citrixvirtual_apps_and_desktops
1912 LTSR ≤
𝑥
< CU9
ADP
citrixvirtual_apps_and_desktops
2203 LTSR ≤
𝑥
< CU5
ADP
Common Weakness Enumeration
References
https://support.citrix.com/article/CTX678035
https://support.citrix.com/article/CTX678035