CVE-2020-8270
N/A
N/A
Summary
An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Citrix Virtual Apps and Desktops | 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342 | affected |
Weaknesses
- CWE-78: OS Command Injection (CWE-78)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.