Research outfit Pen Test Partners has uncovered a vulnerability in Citrix Workspace potentially allowing a privilege escalation to lead to full remote compromise of the host machine. The flaw, CVE-2020-8207 (not yet reserved at the time of publication), sees Workspace’s automatic update feature abused to gain access to a vulnerable Workspace installation, with the attack vector being a named pipe.
Read full article on The Register