A Vulnerability in Citrix Workspace App for Linux Could Allow for Local Privilege Escalation

DESCRIPTION:
A vulnerability has been discovered in Citrix Workspace App for Linux, a
virtual desktop application. Successful exploitation of this
vulnerability could allow for local privilege escalation. A privilege
escalation enables the attacker to obtain root privileges within the
system which will enable them to install programs; view, change, or
delete data; or create new accounts with full user rights.

IMPACT:
A vulnerability has been discovered in Citrix Workspace App for Linux, a
virtual desktop application. This vulnerability has a pre-condition in
that the Citrix Workspace App for Linux must be installed with App
Protection. Successful exploitation of this vulnerability could allow
for local privilege escalation. A privilege escalation enables the
attacker to obtain root privileges within the system which will enable
them to install programs; view, change, or delete data; or create new
accounts with full user rights.

SYSTEM AFFECTED:
* Citrix Workspace App for Linux 2012 to 2111

RECOMMENDATIONS:
We recommend the following actions be taken:

* Upgrade Citrix Workspace App for Linux (2112 and later versions) to a
fixed version as provided by Citrix.
* Verify no unauthorized changes have occurred before applying
patches/updates.

REFERENCES:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21825
https://support.citrix.com/article/CTX338435

Published: 18 January 2022, 16:17:47 BST