Citrix Releases Security Updates for Virtual Apps and Desktop

Threat ID:: CC-3902
Threat Severity:: Information only
Published:: 14 July 2021 11:14 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

Citrix Virtual Apps and Desktops 2106 and earlier versions

Citrix Virtual Apps and Desktops 1912 LTSR CU3 Versions: 1912 LTSR and earlier

Citrix XenApp / XenDesktop 7.15 LTSR CU7 Versions: 7.15 LTSR and earlier

Threat details

Introduction

Citrix has released security updates to address vulnerabilities in multiple versions of Virtual Apps and Desktops that may allow allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM. An attacker could exploit this vulnerability to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review Citrix Virtual Apps and Desktop Security Update page and install the relevant hotfixes.

Remediation steps

Type	Step
Patch	Hotfix ProfilemgtWX86_2106_001 - For Citrix Virtual Apps and Desktops 2106 https://support.citrix.com/article/CTX319995
Patch	Hotfix ProfilemgtWX64_2106_001 - For Citrix Virtual Apps and Desktops 2106 https://support.citrix.com/article/CTX319996
Patch	Hotfix ProfilemgtWX64_1912_3001- For Citrix Virtual Apps and Desktops 7 1912 Long Term Service Release (LTSR) Cumulative Update 3 https://support.citrix.com/article/CTX319819
Patch	Hotfix UPMVDAPluginWX64_1912_3001 - For Citrix Virtual Apps and Desktops 7 1912 Long Term Service Release (LTSR) Cumulative Update 3 https://support.citrix.com/article/CTX319668
Patch	Hotfix ProfilemgtWX86_1912_3001 - For Citrix Virtual Apps and Desktops 7 1912 Long Term Service Release (LTSR) Cumulative Update 3 https://support.citrix.com/article/CTX319820
Patch	Hotfix UPMVDAPluginWX86_1912_3001 - For Citrix Virtual Apps and Desktops 7 1912 Long Term Service Release (LTSR) Cumulative Update 3 https://support.citrix.com/article/CTX319671
Patch	Hotfix ProfilemgtWX64_7_15_7001 - For XenApp and XenDesktop 7.15 Long Term Service Release (LTSR) Cumulative Update 7 https://support.citrix.com/article/CTX319817
Patch	Hotfix UPMVDAPluginWX64_7_15_7001 - For XenApp and XenDesktop 7.15 Long Term Service Release (LTSR) Cumulative Update 7 https://support.citrix.com/article/CTX319669
Patch	Hotfix ProfilemgtWX86_7_15_7001 - For XenApp and XenDesktop 7.15 Long Term Service Release (LTSR) Cumulative Update 7 https://support.citrix.com/article/CTX319818
Patch	Hotfix UPMVDAPluginWX86_7_15_7001 - For XenApp and XenDesktop 7.15 Long Term Service Release (LTSR) Cumulative Update 7 https://support.citrix.com/article/CTX319670

CVE Vulnerabilities

Status Reserved

CVE-2021-22928

Local privilege escalation on a Windows VDA

Prerequisite: Authenticated access to a VDA with Citrix Profile Management or Citrix Profile Management WMI Plugin installed

Last edited: 17 January 2022 7:03 pm