TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2024-8068

HIGHCISA KEV
8.0

Beschreibung

Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain

CVE Details

CVSS v3.1 Bewertung8.0
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht11/12/2024
Zuletzt geandert10/24/2025
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerCitrix
ProduktSession Recording
SchwachstellennameCitrix Session Recording Improper Privilege Management Vulnerability
KEV Aufnahmedatum2025-08-25
Behebungsfrist2025-09-15
Ransomware-NutzungUnknown

Betroffene Produkte

citrix:session_recording

Schwachen (CWE)

CWE-269

Referenzen

https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US(secure@citrix.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8068(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.