cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8068,https://securityvulnerability.io/vulnerability/CVE-2024-8068,Privilege Escalation in Citrix Session Recording,"Security researchers have discovered critical vulnerabilities in Citrix Virtual Apps and Desktops that could potentially allow remote code execution (RCE) attacks. The vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069 affect the Session Recording component of Citrix Virtual Apps and Desktops, and researchers have observed proof-of-concept (PoC) exploitation attempts in the wild. These vulnerabilities stem from Citrix’s use of BinaryFormatter, and successful exploitation requires an attacker to be an authenticated user in the same Windows Active Directory domain as the session recording server. However, there are warnings of potential unauthenticated RCE as well. Citrix has released patches to address the vulnerabilities and urges customers to install the updates as soon as possible. Security teams are advised to prioritize patching and review logs for any signs of exploitation attempts, as well as consider additional network segmentation to limit potential exposure.",Citrix,Citrix Session Recording,,,0.0004299999854993075,false,,true,false,true,2024-11-13T01:22:14.000Z,,false,false,,2024-11-12T18:15:00.000Z,0
CVE-2024-8069,https://securityvulnerability.io/vulnerability/CVE-2024-8069,Limited remote code execution with privilege of a NetworkService Account access,"The vulnerability presents an opportunity for authenticated users on the same intranet as the Citrix Session Recording server to execute remote code with the privileges of a NetworkService Account. This can potentially lead to unauthorized data access or modification, emphasizing the need for robust network defenses and user access controls to mitigate the risk of exploitation.",Citrix Session Recording,Citrix Session Recording,,,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-11-12T18:15:00.000Z,0