CVE 2019-11634 Citrix Workspace App before 1904 for windows has incorrect access control – 22nd May 2019

Preface: VDI (Virtual Desktop Infrastructure), one of the way make your IT operations secure.

Product overview: Citrix Workspace Suite is a collection of Citrix products that deliver secure access to desktops, data, applications and services to subscribers on any device, and on any network.

Vulnerability details: Citrix Workspace App before 1904 for Windows has Incorrect Access Control.

Beginning August 2018, Citrix Receiver will be replaced by Citrix Workspace app. A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced allowing an attacker read/write access to the clients local drives which could enable code execution on the client device.

Remedy: Official announcement via following link –