CVE-2024-8068

Warning

EPSS 3.03%
Published 12.11.2024 18:15:47
Last modified 26.08.2025 01:00:02
Source secure@citrix.com
Teams watchlist Login
Open Login

Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain

Affected products Warnungen 1 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Citrix ≫ Session Recording SwEdition- Version < 2407

Citrix ≫ Session Recording Version1912 Update- SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu1 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu2 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu3 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu4 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu5 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu6 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu7 SwEditionltsr

Citrix ≫ Session Recording Version1912 Updatecu8 SwEditionltsr

Citrix ≫ Session Recording Version2203 Update- SwEditionltsr

Citrix ≫ Session Recording Version2203 Updatecu1 SwEditionltsr

Citrix ≫ Session Recording Version2203 Updatecu2 SwEditionltsr

Citrix ≫ Session Recording Version2203 Updatecu3 SwEditionltsr

Citrix ≫ Session Recording Version2203 Updatecu4 SwEditionltsr

Citrix ≫ Session Recording Version2203 Updatecu5 SwEditionltsr

Citrix ≫ Session Recording Version2402 Update- SwEditionltsr

Citrix ≫ Session Recording Version2407 Update- SwEdition-

25.08.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Citrix Session Recording Improper Privilege Management Vulnerability

Vulnerability

Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.

Description

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.03%	0.861

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
secure@citrix.com	5.1	0	0	CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-8068

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-8068

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-8068

EUVD