CVE-2024-8069CISA KEV: Actively Exploited

Citrix Session Recording Deserialization of Untrusted Data Vulnerability

Published Aug 25, 2025·Updated Aug 25, 2025

Description

Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free