- Description
- Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
- Source
- secure@citrix.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
- secure@citrix.com
- CWE-269
- Hype score
- Not currently trending
1/10 Urgent Alert: Citrix Session Recording vulnerabilities (CVE-2024-8068 & CVE-2024-8069) are under active exploitation. Patch now! #CyberSecurityAlert #CitrixVuln 🚨🔒
@Eth1calHackrZ
2 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ThreatProtection #CVE-2024-8068, #CVE-2024-8069 - Citrix Session Recording RCE #Vulnerability, read more about Symantec's protection: https://t.co/p6g62pwMxO
@threatintel
27 Nov 2024
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2/10 🔍 Vulnerabilities Unveiled: 1. CVE-2024-8068: Privilege escalation to NetworkService. 2. CVE-2024-8069: Limited RCE as NetworkService. Update now to protect your systems! #CyberVulnerabilities
@Eth1calHackrZ
25 Nov 2024
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-8068
@transilienceai
23 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
De multiples tentatives d'exploitation observées pour deux vulnérabilités d'enregistrement de sessions Citrix (CVE-2024-8068 et CVE-2024-8069) https://t.co/Otwqa5PBIL
@cert_ist
21 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE is actively being exploited. https://t.co/hTKeS4v9Ah https://t.co/9fBUULr12D
@IntCyberDigest
18 Nov 2024
462 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
#Cybersecurity researchers have disclosed new #security flaws (CVE-2024-8068 & CVE-2024-8069) impacting #Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated RCE. https://t.co/pkIeFCFh3c https://t.co/dIPlnqmkmZ
@twelvesec
14 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Vulnerabilidades en Citrix Virtual Apps permiten ataques RCE a través de una mala configuración de MSMQ CVE-2024-8068 CVE-2024-8069 https://t.co/7i5sFBgkHb
@elhackernet
13 Nov 2024
3225 Impressions
14 Retweets
59 Likes
9 Bookmarks
0 Replies
0 Quotes
Kritieke privilege escalatie in citrix session recording blootgelegd: wat u moet weten https://t.co/4Cny3FPhdk #CVE-2024-8068 #Citrix Session Recording #Privilege Escalatie #Beveiligingslek #Citrix Systems, Inc. #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Kritieke beveiligingslek in citrix session recording: cve-2024-8068 ontdekt https://t.co/X4aOLCCcfj #CVE-2024-8068 #Citrix Session Recording #beveiligingslek #privilege escalatie #IT-beveiliging #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Belangrijke privilege escalatie in citrix session recording blootgelegd https://t.co/hfhTChV4Js #CVE-2024-8068 #Citrix Session Recording #Privilege Escalatie #Beveiligingsupdate #NetwerkService Account #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Opgelet: nieuwe kwetsbaarheid cve-2024-8068 ontdekt in citrix session recording https://t.co/5IyMMQ8wO3 #CVE-2024-8068 #Citrix Session Recording #Privilege Escalation #Netwerkbeveiliging #Cybersecurity Alert #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069 → https://t.co/0MYc2PpA6L
@ripjyr
12 Nov 2024
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We started seeing Citrix Virtual Apps and Desktops CVE-2024-8068/CVE-2024-8069 PoC based attempts at around 16:00 UTC today, shortly after publication. While there is discussion on whether these are remotely exploitable without auth, we urge you to update your installations NOW
@Shadowserver
12 Nov 2024
11254 Impressions
39 Retweets
69 Likes
34 Bookmarks
2 Replies
0 Quotes
CVE-2024-8068 Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain … https://t.co/yGxT43HZcZ
@CVEnew
12 Nov 2024
429 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Please see our latest Citrix Session Recording Security Bulletin regarding CVE-2024-8068 and CVE-2024-8069. Citrix urges affected customers to install the relevant updated versions as soon their upgrade schedule permits: https://t.co/k2QQAQoyQs
@citrix
12 Nov 2024
2778 Impressions
2 Retweets
0 Likes
1 Bookmark
1 Reply
1 Quote
CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE Exploits Publicly Available Discover the critical vulnerabilities in Citrix Session Recording Manager that allow unauthenticated RCE on Citrix Virtual Apps and Desktops. https://t.co/QLwpDlZX
@the_yellow_fall
12 Nov 2024
1466 Impressions
14 Retweets
24 Likes
5 Bookmarks
1 Reply
0 Quotes