Citrix Virtual Apps And Desktops — known CVE vulnerabilities
Every CVE whose affected-product data names Citrix Virtual Apps And Desktops, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2020-8270 — CVSS 8.8 (high): An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912…
CVE-2020-8283 — CVSS 8.8 (high): An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD…
CVE-2020-8269 — CVSS 8.8 (high): An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1…
CVE-2025-6759 — CVSS 7.8 (high): Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS
CVE-2021-22928 — CVSS 7.8 (high): A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has…
CVE-2023-24483 — CVSS 7.8 (high): A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM…
CVE-2024-6151 — CVSS 7.8 (high): Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Virtual Delivery Agent for Windows used by Citrix…