Citrix has released security updates to address two vulnerabilities in its Secure Access Client and Endpoint Analysis Client for Windows, one of which could allow attackers to gain SYSTEM-level privileges on affected systems.
Details of the Vulnerabilities
The more severe vulnerability, identified as CVE-2026-53565, involves improper privilege management (CWE-269). This flaw enables a local user with standard privileges to escalate to SYSTEM privileges, granting full control over the affected machine. The vulnerability affects versions of Citrix Secure Access Client for Windows prior to 26.6.1.20 and Citrix Endpoint Analysis Client for Windows prior to 26.5.1.7. Citrix has assigned a CVSS v4.0 base score of 8.5 to this issue, indicating high severity.
The second vulnerability, CVE-2026-53566, is an out-of-bounds memory read (CWE-125) affecting Citrix Secure Access Client for Windows versions before 26.6.1.20. This flaw requires that the Deterministic Network Enhancer (DNE) driver is not installed on the system. It has been assigned a CVSS v4.0 base score of 6.8, reflecting a medium severity level.
Recommended Actions
Citrix strongly recommends that users upgrade to the latest versions to mitigate these vulnerabilities:
- Citrix Secure Access Client for Windows: Update to version 26.6.1.20 or later.
- Citrix Endpoint Analysis Client for Windows: Update to version 26.5.1.7 or later.
For CVE-2026-53566, administrators should verify the installation status of the DNE driver to assess exposure. Detailed instructions are available in Citrix’s official documentation.
These vulnerabilities were responsibly reported by Carlos Garrido of Pentraze Cybersecurity, allowing Citrix to develop and release patches prior to public disclosure.
Privilege escalation vulnerabilities like CVE-2026-53565 pose significant risks in enterprise environments, as they can allow attackers to bypass security measures and gain full control over systems. Organizations should prioritize applying these patches to maintain the integrity and security of their networks.