CVE-2024-8069

HIGH KEV

Citrix Session Recording - Privilege Escalation

Title source: llm

Description

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

Exploits (3)

nomisec WORKING POC

by mdiqbalahmad · poc

https://github.com/mdiqbalahmad/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN

View Code ZIP pw:eip

vulncheck_xdb

remote

https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN

View on vulncheck_xdb

inthewild

poc

https://github.com/xiaomingx/cve-2024-8069-exp-citrix-virtual-apps-xen

View on inthewild

References (2)

[Vendor Advisory] https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069

Scores

CVSS v3 8.0

EPSS 0.4887

EPSS Percentile 97.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-08-25

VulnCheck KEV 2024-11-12

ENISA EUVD EUVD-2024-48915

CWE

CWE-502

Status published

Products (5)

citrix/session_recording 1912 (9 CPE variants)

citrix/session_recording 2203 (5 CPE variants)

citrix/session_recording 2402

citrix/session_recording 2407

citrix/session_recording < 2407

Published Nov 12, 2024

KEV Added Aug 25, 2025

Tracked Since Feb 18, 2026