CVE-2024-8068
Privilege escalation to NetworkService Account access
In short
An authenticated user in the same Windows Active Directory domain can escalate their privileges to gain NetworkService Account access in Citrix Session Recording. This allows them to perform actions with higher permissions than their account normally allows.
Technical detail
A CWE-269 (Improper Access Control) vulnerability enables privilege escalation to the NetworkService Account in Citrix Session Recording. The attack requires authentication within the same AD domain as the recording server. Successful exploitation grants elevated permissions equivalent to the NetworkService system account, potentially allowing unauthorized access to recorded session data and system resources.
Summary generated and translated by AI from the official description.
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Affected products
Citrix · Citrix Session Recording