Updated: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Security Vulnerability

by Daniel Ruiz
Senior Solutions Architect

Updated: July 14, 2021

Citrix recently announced a new vulnerability in Citrix Virtual Apps and Desktops (formally known as XenApp & XenDesktop) that if exploited, could allow a user of a Windows VDA with Citrix Profile Management or the Citrix Profile Management WMI Plugin installed with Local privilege escalation access.

Unfortunately, the Citrix Profile Management WMI Plugin is not displayed under Add/Remove programs. However it can be checked if installed by running the following PowerShell command on a VDA.

Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | where {$_.Publisher -Like “*Citrix*”} | Select-Object DisplayName,Publisher,DisplayVersion | Sort-Object DisplayName

The Citrix Profile Management WMI plug-in provides Profile Management runtime information in WMI objects, such as profile provider, profile type, size, and disk usage. Then the WMI objects provide session information to Director.

 

Helient and Citrix are recommending that customers test, and then deploy the relevant hotfix on to any affected Windows VDAs.

Vulnerability:

CVE-2021-22928 – Local privilege escalation on a Windows VDA

Versions of Citrix Virtual Apps and Desktops affected:

• Citrix XenApp / XenDesktop 7.15 LTSR CU7 and earlier versions of 7.15 LTSR
• Citrix Virtual Apps and Desktops 1912 LTSR CU3 and earlier versions of 1912 LTSR
• Citrix Virtual Apps and Desktops 2106 and earlier versions
• Citrix Virtual Apps and Desktops 2106 is only affected when Citrix Profile Management is installed on a Windows VDA as Citrix Profile Management WMI Plugin is not affected in this version.

Fix to address CVE-2021-22928:

The hotfixes can be downloaded from the following locations:

Citrix Virtual Apps and Desktops 2106

• ProfilemgtWX86_2106_001 – https://support.citrix.com/article/CTX319995
• ProfilemgtWX64_2106_001 – https://support.citrix.com/article/CTX319996

Citrix Virtual Apps and Desktops 1912 LTSR

• ProfilemgtWX64_1912_3001 – https://support.citrix.com/article/CTX319819
• UPMVDAPluginWX64_1912_3001 – https://support.citrix.com/article/CTX319668
• ProfilemgtWX86_1912_3001 – https://support.citrix.com/article/CTX319820
• UPMVDAPluginWX86_1912_3001 – https://support.citrix.com/article/CTX319671

Citrix XenApp / XenDesktop 7.15 LTSR

• ProfilemgtWX64_7_15_7001 – https://support.citrix.com/article/CTX319817
• UPMVDAPluginWX64_7_15_7001 – https://support.citrix.com/article/CTX319669
• ProfilemgtWX86_7_15_7001 – https://support.citrix.com/article/CTX319818
• UPMVDAPluginWX86_7_15_7001 – https://support.citrix.com/article/CTX319670

If you would like more information or assistance from our industry leading team of Citrix experts to plan and execute the upgrade, please contact us at service@helient.com.