New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
November 12, 2024 at 10:15AM Researchers revealed vulnerabilities in Citrix Virtual Apps and Desktop, potentially allowing unauthenticated remote code execution through misconfigured permissions in the Session Recording component. Citrix has issued hotfixes for affected versions (CVE-2024-8068 and CVE-2024-8069). Microsoft warns against using BinaryFormatter due to its security risks related to deserialization. ### Meeting Takeaways – … Read more