CVE-2024-8068
Published Nov 12, 2024
Last updated 3 days ago
AI description
CVE-2024-8068 is a security vulnerability affecting Citrix Session Recording. It involves improper privilege management, which can allow an attacker to escalate privileges to NetworkService Account access. To exploit this vulnerability, the attacker must be an authenticated user within the same Windows Active Directory domain as the session recording server. Citrix released patches in November 2024 to address this issue.
- Description
- Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
- Source
- secure@citrix.com
- NVD status
- Analyzed
- Products
- session_recording
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Citrix Session Recording Improper Privilege Management Vulnerability
- Exploit added on
- Aug 25, 2025
- Exploit action due
- Sep 15, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- secure@citrix.com
- CWE-269
- Hype score
- Not currently trending
#CISA adds three exploited #vulnerabilities (CVE-2024-8068, CVE-2024-8069, CVE-2025-48384) to its KEV catalogue. #Cybersecurity #infosec https://t.co/RqhqvunyEN https://t.co/puxs2Jz2h9
@twelvesec
28 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA adds Citrix vulnerabilities CVE-2024-8069 and CVE-2024-8068 to KEV catalog. Critical zero-day CVE-2025-7775 in NetScaler ADC/Gateway actively exploited, causing remote code execution. #CitrixRisks #NetScalerFlaws #USA https://t.co/DyZ4vHdoZt
@TweetThreatNews
26 Aug 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA alerts on a critical Git flaw (CVE-2025-48384) enabling arbitrary code execution via crafted submodules in config files. Citrix Session Recording bugs CVE-2024-8068 & CVE-2024-8069 also noted. Updates available from Git v2.43.7. #GitVulnerability #USA https://t.co/pBsmWJ
@TweetThreatNews
26 Aug 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisa added 3️⃣ Dangerous vulnerability to Kev. Two relate to Citrix Session Recording (Cve-2024-8068, Cve-2024-8069) and allow increase privileges and implementation code. The third - Cve-2025-48384 In git with CVSS 8.1, can lead to Launch harmful code While cloning repositor
@Hack_Your_Mom
26 Aug 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA added three actively exploited vulnerabilities to KEV catalog impacting Citrix Session Recording (CVE-2024-8068, CVE-2024-8069) and Git (CVE-2025-48384), enabling privilege escalation and code execution. #Citrix #GitFlaw #USA https://t.co/QJjk7oXQXW
@TweetThreatNews
26 Aug 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أضافت وكالة الأمن السيبراني الأمريكية (CISA) ثلاث ثغرات أمنية، تتعلق بتسجيل الجلسات في Citrix وGit، إلى قائمة الثغرات المستغلة المعروفة (KEV). الثغرة الأولى هي
@Cybercachear
26 Aug 2025
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Citrix製品とGitの脆弱性が悪用される、米CISAがKEVカタログに追加(CVE-2024-8069、CVE-2024-8068、CVE-2025-48384) 〜サイバーアラート8月26日〜 https://t.co/AWpmkysT8J #セキュリティ #インテリジェンス #OSINT
@MachinaRecord
26 Aug 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-8068 #Citrix Session Recording Improper Privilege Management Vulnerability https://t.co/l4T5YGKsDa
@ScyScan
25 Aug 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Citrix and Git vulnerabilities CVE-2024-8068, CVE-2024-8069, & CVE-2025-48384 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwapzIN & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/0Hu
@CISACyber
25 Aug 2025
16394 Impressions
59 Retweets
148 Likes
30 Bookmarks
5 Replies
2 Quotes
1/10 Urgent Alert: Citrix Session Recording vulnerabilities (CVE-2024-8068 & CVE-2024-8069) are under active exploitation. Patch now! #CyberSecurityAlert #CitrixVuln 🚨🔒
@Eth1calHackrZ
2 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ThreatProtection #CVE-2024-8068, #CVE-2024-8069 - Citrix Session Recording RCE #Vulnerability, read more about Symantec's protection: https://t.co/p6g62pwMxO
@threatintel
27 Nov 2024
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2/10 🔍 Vulnerabilities Unveiled: 1. CVE-2024-8068: Privilege escalation to NetworkService. 2. CVE-2024-8069: Limited RCE as NetworkService. Update now to protect your systems! #CyberVulnerabilities
@Eth1calHackrZ
25 Nov 2024
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-8068
@transilienceai
23 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
De multiples tentatives d'exploitation observées pour deux vulnérabilités d'enregistrement de sessions Citrix (CVE-2024-8068 et CVE-2024-8069) https://t.co/Otwqa5PBIL
@cert_ist
21 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE is actively being exploited. https://t.co/hTKeS4v9Ah https://t.co/9fBUULr12D
@IntCyberDigest
18 Nov 2024
462 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
#Cybersecurity researchers have disclosed new #security flaws (CVE-2024-8068 & CVE-2024-8069) impacting #Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated RCE. https://t.co/pkIeFCFh3c https://t.co/dIPlnqmkmZ
@twelvesec
14 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Vulnerabilidades en Citrix Virtual Apps permiten ataques RCE a través de una mala configuración de MSMQ CVE-2024-8068 CVE-2024-8069 https://t.co/7i5sFBgkHb
@elhackernet
13 Nov 2024
3225 Impressions
14 Retweets
59 Likes
9 Bookmarks
0 Replies
0 Quotes
Kritieke privilege escalatie in citrix session recording blootgelegd: wat u moet weten https://t.co/4Cny3FPhdk #CVE-2024-8068 #Citrix Session Recording #Privilege Escalatie #Beveiligingslek #Citrix Systems, Inc. #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Kritieke beveiligingslek in citrix session recording: cve-2024-8068 ontdekt https://t.co/X4aOLCCcfj #CVE-2024-8068 #Citrix Session Recording #beveiligingslek #privilege escalatie #IT-beveiliging #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Belangrijke privilege escalatie in citrix session recording blootgelegd https://t.co/hfhTChV4Js #CVE-2024-8068 #Citrix Session Recording #Privilege Escalatie #Beveiligingsupdate #NetwerkService Account #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Opgelet: nieuwe kwetsbaarheid cve-2024-8068 ontdekt in citrix session recording https://t.co/5IyMMQ8wO3 #CVE-2024-8068 #Citrix Session Recording #Privilege Escalation #Netwerkbeveiliging #Cybersecurity Alert #Trending #Tech #Nieuws
@TrendingNewsBot
13 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069 → https://t.co/0MYc2PpA6L
@ripjyr
12 Nov 2024
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We started seeing Citrix Virtual Apps and Desktops CVE-2024-8068/CVE-2024-8069 PoC based attempts at around 16:00 UTC today, shortly after publication. While there is discussion on whether these are remotely exploitable without auth, we urge you to update your installations NOW
@Shadowserver
12 Nov 2024
11254 Impressions
39 Retweets
69 Likes
34 Bookmarks
2 Replies
0 Quotes
CVE-2024-8068 Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain … https://t.co/yGxT43HZcZ
@CVEnew
12 Nov 2024
429 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Please see our latest Citrix Session Recording Security Bulletin regarding CVE-2024-8068 and CVE-2024-8069. Citrix urges affected customers to install the relevant updated versions as soon their upgrade schedule permits: https://t.co/k2QQAQoyQs
@citrix
12 Nov 2024
2778 Impressions
2 Retweets
0 Likes
1 Bookmark
1 Reply
1 Quote
CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE Exploits Publicly Available Discover the critical vulnerabilities in Citrix Session Recording Manager that allow unauthenticated RCE on Citrix Virtual Apps and Desktops. https://t.co/QLwpDlZX
@the_yellow_fall
12 Nov 2024
1466 Impressions
14 Retweets
24 Likes
5 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:session_recording:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCF54DB8-BBE4-4E48-9037-6FD0E3E3426E",
"versionEndExcluding": "2407"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:-:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F7F0822-5777-4970-A81F-2FECDE137E53"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu1:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0A17B51-A720-4DB7-BF84-CE13B9517C91"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu2:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BE1BBDB-B867-4B8D-AE55-24D09F0D4EF7"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu3:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4E177A4-F2AF-450F-AC8F-5609E586C654"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu4:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86C686E6-2980-49B3-8229-09EB8F91EDCE"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu5:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79E71D63-EB85-4305-8F9D-D1BF7EC71992"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu6:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A46CDA97-3C7C-45B6-890E-9676F059CD88"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu7:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "560A4530-C2D2-4631-A754-6DC97E3F29E9"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:1912:cu8:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9650D15-919D-4F9E-A54D-9E5174D26B07"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:-:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C160123B-9BD5-4B7A-A516-F5A5F97FCC79"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:cu1:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F507C4F-89AE-45DC-A849-44204AD06D09"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:cu2:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D40669E2-BE98-420B-98F0-10FBF2EA5E6E"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:cu3:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72923D9A-96C8-40D7-A630-C3C143A7AEA1"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:cu4:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "133696EC-56AB-4B77-8CFE-C97550886037"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2203:cu5:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73477179-3270-419C-9ACC-26E43A8D3E93"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2402:-:*:*:ltsr:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34A32BF4-B379-46D9-AAE6-85680B5ECA42"
},
{
"criteria": "cpe:2.3:a:citrix:session_recording:2407:-:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "272D5CE4-4A2F-4417-A274-711FF4115907"
}
],
"operator": "OR"
}
]
}
]