本頁列出影響 citrix secure_access_client 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-0320 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows | [email protected] | 8.6 | 0.07% | 2025-06-17 | 2025-08-06 |
| CVE-2025-1223 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.08% | 2025-02-20 | 2026-04-29 |
| CVE-2025-1222 | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | [email protected] | 5.9 | 0.10% | 2025-02-20 | 2026-04-29 |
| CVE-2024-3661 | DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. | 9119a7d8-5eab-497f-8521-727c672e3725 | 7.6 | 2.91% | 2024-05-06 | 2025-01-15 |
| CVE-2023-24492 | A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts. | [email protected] | 9.6 | 0.44% | 2023-07-11 | 2024-11-21 |
| CVE-2023-24491 | A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM. | [email protected] | 7.8 | 0.05% | 2023-07-11 | 2024-11-21 |