Exploitation Summary
CVE-2024-8068 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added August 25, 2025.
Description
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
References (2)
Core 2
Core References
Vendor Advisory
https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8068
Scores
CVSS v3
8.0
EPSS
0.0805
EPSS Percentile
92.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2025-08-25
VulnCheck KEV
2024-11-12
ENISA EUVD
EUVD-2024-49530
CWE
CWE-269
Status
published
Products (5)
citrix/session_recording
1912 (9 CPE variants)
citrix/session_recording
2203 (6 CPE variants)
citrix/session_recording
2402
citrix/session_recording
2407
citrix/session_recording
< 2407
Published
Nov 12, 2024
KEV Added
Aug 25, 2025
Tracked Since
Feb 18, 2026