CVE-2024-8069

Limited remote code execution with privilege of a NetworkService Account access

Basic Information

CVE State: PUBLISHED
Reserved Date: August 21, 2024
Published Date: November 12, 2024
Last Updated: October 21, 2025
Vendor: Citrix Session Recording
Product: Citrix Session Recording
Description: Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server
Tags

CVSS Scores

CVSS v4.0

5.1 - MEDIUM

Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2026-06-01 10:39:30 UTC) Source

References

https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US

Known Exploited Vulnerability Information

Source	Added Date
CVE	2026-06-01 10:39:30 UTC

Timeline

CVE ID Reserved

August 21, 2024
CVE Published to Public

November 12, 2024
Added to KEVIntel

June 01, 2026