TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2024-8069

HIGHCISA KEV
8.0

Beschreibung

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

CVE Details

CVSS v3.1 Bewertung8.0
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht11/12/2024
Zuletzt geandert10/24/2025
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerCitrix
ProduktSession Recording
SchwachstellennameCitrix Session Recording Deserialization of Untrusted Data Vulnerability
KEV Aufnahmedatum2025-08-25
Behebungsfrist2025-09-15
Ransomware-NutzungUnknown

Betroffene Produkte

citrix:session_recording

Schwachen (CWE)

CWE-502

Referenzen

https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US(secure@citrix.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.