cve/2024/CVE-2024-8069.md

### [CVE-2024-8069](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8069)
![](https://img.shields.io/static/v1?label=Product&message=Citrix%20Session%20Recording&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1912%20LTSR%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2203%20LTSR%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2402%20LTSR%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2407%20Current%20Release%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brightgreen)

### Description

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/CryptoGenNepal/CVE-KEV-RSS
- https://github.com/DevGreick/devgreick
- https://github.com/XiaomingX/awesome-cve-exp-poc
- https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN
- https://github.com/XiaomingX/nice-juejin-article
- https://github.com/XiaomingX/weekly
- https://github.com/hsvhora/research_blogs
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/opendr-io/causality
- https://github.com/ums91/CISA_BOT