Citrix Virtual_apps_and_desktops
9 CVEs affecting Citrix Virtual_apps_and_desktops. Latest disclosed: 2025-07-08. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-8283 | High | 8.8 | 2020-12-14 | An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912… |
CVE-2020-8270 | High | 8.8 | 2020-11-16 | An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes C… |
CVE-2020-8269 | High | 8.8 | 2020-11-16 | An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CT… |
CVE-2025-6759 | High | 7.8 | 2025-07-08 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS |
CVE-2024-6151 | High | 7.8 | 2024-07-10 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Virtual Delivery Agent for Windows used by Citrix Virtual Apps and Desktop… |
CVE-2023-24483 | High | 7.8 | 2023-02-16 | A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual… |
CVE-2021-22928 | High | 7.8 | 2021-08-05 | A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile… |
CVE-2023-24490 | Medium | 6.3 | 2023-07-10 | Users with only access to launch VDA applications can launch an unauthorized desktop |
CVE-2023-6184 | Medium | 5.0 | 2024-01-18 | Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting |