CVE-2024-2241

Published Mar 7, 2024

Last updated a year ago

CVSS medium 6.3

Overview

Description
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions
Source
security@devolutions.net
NVD status
Analyzed
Products
workspace

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.3
Impact score
3.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Severity
MEDIUM

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsCVE-2025-4879
  2. Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsCVE-2024-7889
  3. Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsCVE-2024-7890
  4. Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.CVE-2024-42423
  5. Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for WindowsCVE-2024-6286

References

Sources include official advisories and independent security research.