The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.3%