- 44/2025
- High
Citrix has released security updates to address multiple vulnerabilities across several products.
The addressed vulnerabilities could allow the attacker to gain elevated privileges on the affected systems.
Sample of the addressed vulnerabilities:
1. NetScaler Authenticated Privilege Escalation Vulnerability (CVE-2024-12284):
- CVSS: 8.8
- Attack Vector: Adjacent Network
- Attack Complexity: High
- Privileges Required: High
- User Interaction: None
- Consequences: Gain Privilege
2. Citrix Secure Access Client for Mac Privilege Escalation Vulnerability (CVE-2024-12284):
- CVSS: 5.9
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privilege
Affected Products:
- NetScaler Console 14.1 BEFORE 14.1-38.53.
- NetScaler Console 13.1 BEFORE 13.1-56.18.
- NetScaler Agent 14.1 BEFORE 14.1-38.53.
- NetScaler Agent 13.1 BEFORE 13.1-56.18.
- Citrix Secure Access Client for Mac versions BEFORE 25.01.2.
Vulnerabilities
- CVE-2024-12284
- CVE-2025-1222
- CVE-2025-1223
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.