CVE-2026-53565
Received Received - Intake

Improper Privilege Management in Citrix Secure Access Client for Windows

Vulnerability report for CVE-2026-53565, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Citrix Systems, Inc.

Description

Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
citrix secure_access_client to 26.6.1.20 (exc)
citrix endpoint_analysis_client to 26.5.1.7 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Privilege Management issue affecting Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows. Improper Privilege Management vulnerabilities occur when a system or application does not properly enforce access controls, allowing users or processes to perform actions or access resources beyond their intended permissions.

In this case, the vulnerability affects specific versions of the Citrix clients. The affected products are Citrix Secure Access Client for Windows before version 26.6.1.20 and Citrix Endpoint Analysis Client for Windows before version 26.5.1.7. This means that versions prior to these are vulnerable to exploitation.

The CVSS v4.0 BaseScore of 8.5 indicates a high severity, with the vector AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H. This suggests the vulnerability can be exploited locally with low attack complexity, requiring low privileges, and can lead to high impacts on confidentiality, integrity, and availability of the affected system.

Impact Analysis

If you are using an affected version of Citrix Secure Access Client for Windows or Citrix Endpoint Analysis Client for Windows, this vulnerability could have several impacts:

  • An attacker with local access to the system and low privileges could exploit this vulnerability to escalate their privileges. This means they could gain higher-level permissions than intended, potentially taking full control of the affected system.
  • The high impact on confidentiality, integrity, and availability (as indicated by the CVSS score) means that sensitive data could be accessed, modified, or deleted without authorization.
  • Exploitation could lead to unauthorized actions being performed on the system, such as installing malware, stealing data, or disrupting services.
  • If the affected system is part of a larger network, the attacker could use the compromised system as a pivot point to launch further attacks within the network.
Compliance Impact

This vulnerability could impact compliance with several common standards and regulations, depending on the context in which the affected software is used:

  • GDPR (General Data Protection Regulation): If the affected system processes or stores personal data of EU citizens, a breach resulting from this vulnerability could lead to unauthorized access or disclosure of personal data. This would violate GDPR requirements for data protection and could result in significant fines and legal consequences.
  • HIPAA (Health Insurance Portability and Accountability Act): If the affected system is used in a healthcare environment and handles protected health information (PHI), exploitation of this vulnerability could lead to unauthorized access or disclosure of PHI. This would violate HIPAA's Privacy and Security Rules, potentially resulting in penalties and reputational damage.
  • Other standards like PCI DSS (Payment Card Industry Data Security Standard): If the system processes payment card information, a breach could lead to non-compliance with PCI DSS requirements, which mandate strict controls over access to cardholder data.

Organizations using the affected software should assess their exposure to this vulnerability and take corrective actions, such as applying patches or updates, to maintain compliance with relevant regulations and standards.

Detection Guidance

Detection of this vulnerability involves verifying the installed versions of the affected Citrix software on Windows systems. The vulnerability affects Citrix Secure Access Client for Windows before version 26.6.1.20 and Citrix Endpoint Analysis Client for Windows before version 26.5.1.7.

  • Check the installed version of Citrix Secure Access Client for Windows using the following command in PowerShell or Command Prompt: wmic product where "name like 'Citrix Secure Access Client'" get name, version
  • Check the installed version of Citrix Endpoint Analysis Client for Windows using the following command in PowerShell or Command Prompt: wmic product where "name like 'Citrix Endpoint Analysis Client'" get name, version

Compare the output versions with the fixed versions (26.6.1.20 or later for Secure Access Client and 26.5.1.7 or later for Endpoint Analysis Client). If the installed versions are older, the system is vulnerable.

Mitigation Strategies

To mitigate this vulnerability, follow these immediate steps:

  • Upgrade Citrix Secure Access Client for Windows to version 26.6.1.20 or later.
  • Upgrade Citrix Endpoint Analysis Client for Windows to version 26.5.1.7 or later.

Obtain the latest versions from the official Citrix support or download portal. Ensure all affected systems are updated to the fixed versions to prevent exploitation.

  • If immediate patching is not feasible, consider temporarily disabling or restricting access to the affected Citrix clients until the updates can be applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53565. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart