CVE-2025-1222

medium

Published 2025-02-20 · Modified 2026-04-29

CVSS v3

6.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVSS v2

—

VIR risk

6.1

Description

An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac

Predictions

Exploit likelihood

61%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@citrix.com — https://support.citrix.com/s/article/CTX692679-citrix-secure-access-client-for-mac-security-bulletin-for-cve20251222-and-cve20251223?language=en_US

OS impact

OS	Version	Status	Fixed in
macos	-	not-affected

Application impact

Vendor	Product	Versions	Fixed
citrix	secure_access_client	`{"endExcluding":"25.01.2"}`	`25.01.2`

References

https://support.citrix.com/s/article/CTX692679-citrix-secure-access-client-for-mac-security-bulletin-for-cve20251222-and-cve20251223?language=en_US

Verify integrity in audit chain (admin only). AS-IS.