CVE-2021-22928

Summary

A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.

Affected Software

VendorProductVersion RangeStatus
n/aCitrix Virtual Apps and Desktops2106 HF1, 1912LTSR CU3 HF1, 7.15LTSR CU7 HF1affected

Weaknesses

  • Privilege Escalation (CAPEC-233)

ADP Enrichment

CVE Program Container

Additional References

References