← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-8068 — Actively Exploited: Session Recording (Citrix)

Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.

CVE IDCVE-2024-8068
VendorCitrix
ProductSession Recording
Vulnerability nameCitrix Session Recording Improper Privilege Management Vulnerability
Date added2025-08-25
Remediation due2025-09-15
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionCitrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →