CVE-2024-8069

UNKNOWN 0.0

⚠️ CISA KEV

Limited remote code execution with privilege of a NetworkService Account access

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

CWE	CWE-502
Vendor	citrix session recording
Product	citrix session recording
Published	Nov 12, 2024
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for citrix session recording citrix session recording

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-8069.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Citrix Session Recording / Citrix Session Recording

2407 Current Release < 24.5.200.8 1912 LTSR < CU9 hotfix 19.12.9100.6 2203 LTSR < CU5 hotfix 22.03.5100.11 2402 LTSR < CU1 hotfix 24.02.1200.16

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.citrix.com: https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069