CVE-2020-8270 Command Injection in Citrix VDA or SMB
Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.
Vulnerabilities have been identified in Citrix Virtual Apps and Desktops that could, if exploited, result in:
A user of a multi-session Windows VDA being able to escalate their privilege level on that VDA to SYSTEM.
Remote compromise of a Windows VDA that has Citrix App-V Service installed and Windows file sharing (SMB) enabled.
A user on a Windows host that is running Citrix Universal Print Server (UPS) being able to escalate their privilege level on that computer to SYSTEM.
Watch the video to learn more about this and other important vulnerabilities.
The CVSS Base score of this vulnerability has not yet been assigned.
Citrix Virtual Apps and Desktops 2006 and earlier versions
Citrix Virtual Apps and Desktops 1912 LTSR CU1 and earlier versions of 1912 LTSR
Citrix XenApp / Xen Desktop 7.15 LTSR CU6 and earlier versions of 7.15 LTSR
Citrix XenApp / Xen Desktop 7.6 LTSR CU8 and earlier versions of 7.6 LTSR
Please note that Citrix XenApp / XenDesktop 7.6 LTSR is not affected by CVE-2020-8270.
Hannay Al-Mohanna of F-Secure Consulting and Michael Garrison of State Farm Information Security.
SYSTEM privileges are the highest level of privilege. A user with that privilege can turn the machine into a brick very quickly.
Virsec Security Platform (VSP) Support
The Virsec Security Platform (VSP)- The NVD has not analyzed this vulnerability and any submitted exploits and has not assigned any CVSS score as well. Virsec will respond once details become known.
Download the full vulnerability report to learn more about this and other important vulnerabilities.