A Citrix Workspace vulnerability that was fixed in July has been found to have a secondary attack vector, which would allow cybercriminals to elevate privileges and remotely execute arbitrary commands. The bug (CVE-2020-8207), exists in the automatic update service of the Citrix app for Windows. It could allow local privilege-escalation as well as remote compromise of a computer running the app when Windows file sharing (SMB) is enabled, according to Citrix advisory. Researchers at Pen Test Partners found the bug still allows attackers to abuse Citrix-signed MSI installers, which are signed and hashed to prevent modification.
Source: https://threatpost.com/citrix-workspace-new-attack/159459/