CVE-2025-6759

Summary

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS

Affected Software

VendorProductVersion RangeStatus
CitrixWindows Virtual Delivery Agent for CVAD and Citrix DaaSCurrent Release (CR) < 2503affected
CitrixWindows Virtual Delivery Agent for CVAD and Citrix DaaSLong Term Service Release (LTSR) <= 2402 LTSR CU2affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References