
====================================================================

                             CERT-Renater

                  Information Note No. 2020/VULN424
_____________________________________________________________________

DATE                : 22/07/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Citrix Workspace App versions prior
                                to 2006.1, 1912 LTSR CU1.

=====================================================================
https://support.citrix.com/article/CTX277662
_____________________________________________________________________

CTX277662
Citrix Workspace app for Windows Security Update
Security Bulletin | High | Created: 21 Jul 2020 | Modified: 21 Jul 2020


Applicable Products

    Citrix Workspace App


Description of Problem

A vulnerability has been identified in the automatic update service of
Citrix Workspace app for Windows that could result in:

    A local user escalating their privilege level to that of an
    administrator on the computer running Citrix Workspace app for Windows.

    A remote compromise of the computer running Citrix Workspace app
    when Windows file sharing (SMB) is enabled.

The issue has the following identifier:

    CVE-2020-8207

This vulnerability affects the following supported versions of Citrix
Workspace app for Windows:

    Citrix Workspace app for Windows 1912 LTSR

    Citrix Workspace app for Windows 2002

This vulnerability does not affect Citrix Workspace app on any other
platforms or any supported versions of Citrix Receiver.


Mitigating Factors

This vulnerability only exists if Citrix Workspace app was installed
using an account with local or domain administrator privileges.  It does
not exist when a standard Windows user installed Citrix Workspace app
for Windows.

A remote compromise is only possible when the user has enabled Windows
file sharing (SMB) and only when the updater service is running.  If
authentication is required for SMB then an attacker must be able to
authenticate before they could exploit this issue.

Users with automatic updates enabled and applied should have already
been updated to a fixed version.


What Customers Should Do

The issue has been addressed in the following versions of Citrix
Workspace app for Windows:

    Citrix Workspace App 2006.1 or later

    Citrix Workspace App 1912 LTSR CU1 and later cumulative updates

Citrix strongly recommends that customers check if the version they are
running has been automatically updated and, if necessary, upgrade to a
fixed version as soon as possible.

The latest version of Citrix Workspace app for Windows is available from
the following Citrix website location:

https://www.citrix.com/downloads/workspace-app/windows/

The latest LTSR version of Citrix Workspace app for Windows is available
from the following Citrix website location:

https://www.citrix.com/downloads/workspace-app/workspace-app-for-windows-long-term-service-release/


Acknowledgements

Citrix would like to thank Ceri Coburn at Pen Test Partners for working
with us to protect Citrix customers.


What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential
security issue. This article is also available from the Citrix Knowledge
Center at http://support.citrix.com/.


Obtaining Support on This Issue

If you require technical assistance with this issue, please contact
Citrix Technical Support. Contact details for Citrix Technical Support
are available at https://www.citrix.com/support/open-a-support-case.html.


Reporting Security Vulnerabilities

Citrix welcomes input regarding the security of its products and
considers any and all potential vulnerabilities seriously. For guidance
on how to report security-related issues to Citrix, please see the
following document: CTX081743 – Reporting Security Issues to Citrix


Changelog
Date            Change
2020-07-21      Initial Publication


=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================



