Exploitation Attempts Target Citrix Session Recording Vulnerabilities

November 21, 2024 at 04:34AM Exploitation attempts have been reported for two Citrix Session Recording vulnerabilities (CVE-2024-8068, CVE-2024-8069), which allow remote code execution. Although patches were issued, some reports suggest systems are exposed to the internet. Citrix advises users to update software to mitigate risks, as exploitation attempts continue. **Meeting Takeaways:** 1. **Vulnerability Overview:** – … Read more

Citrix Issues Patches for Zero-Day Recording Manager Bugs

November 12, 2024 at 12:52PM Citrix has released patches for two vulnerabilities in its Virtual Apps and Desktop technology that could allow privilege escalation or remote code execution by attackers. Discovered by watchTowr, the flaws affect the Session Recording Manager. Citrix assigned a medium severity score, which watchTowr disputes, deeming the threat more critical. ### … Read more