CVE-2026-8069

creationtimestamp| type| source ---|---|--- 2026-05-08 09:30:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mldg7d5pty2q...

Citrix Session Recording deserialization vulnerability

Added: 08/27/2025 CVE: CVE-2024-8069 Background Citrix Session Recording is software for recording and archiving sessions for retrieval and playback. Problem Unsafe object deserialization in Citrix Session Recording could allow a remote attacker to execute arbitrary commands by sending a speciall...

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-8068 CV...

CVE-2025-8069

creationtimestamp| type| source ---|---|--- 2025-07-23 18:29:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lunnm4gsqv2w 2025-07-24 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-646/ 2025-07-24 10:21:06+00:00| seen|...

CVE-2025-8069

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...

CVE-2025-8069 Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...

CVE-2025-8069

CVE-2025-8069 affects AWS Client VPN Windows client. The installation process reads an OpenSSL configuration file from an unprotected directory (C:\usr\local\windows-x86_64-openssl-localbuild\ssl), allowing a non-admin user to insert malicious config. If an admin starts the installer, that code c...

CVE-2025-8069 Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client

During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...

CVE-2024-8069

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server...

CVE-2018-8069

QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html URI...

Vulnerabilities fixed in Citrix Session Recording

Citrix fixed vulnerabilities in Citrix Session Recording A malicious person with limited privileges could exploit the vulnerabilities to gain access to service accounts and execute arbitrary code on the server. Researchers have published Proof-of-Concept code demonstrating the vulnerability with...

CVE-2024-8069

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server...

CVE-2024-8069 Limited remote code execution with privilege of a NetworkService Account access

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server...

CVE-2024-8069 Limited remote code execution with privilege of a NetworkService Account access

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server...

CVE-2024-8069

Citrix Session Recording is affected by CVE-2024-8069 (Citrix Session Recording Deserialization of Untrusted Data). The issue allows limited remote code execution with the privileges of the NetworkService Account when an attacker is an authenticated user on the same intranet as the session record...

CVE-2024-8069

creationtimestamp| type| source ---|---|--- 2024-11-12 16:21:28+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113470897346004162 2024-11-12 19:44:08+00:00| seen| https://t.me/cvedetector/10676 2024-11-12 21:23:09+00:00| seen|...

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution RCE The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators...

Mageia: Security Advisory (MGASA-2019-0273)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1396)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-201911-05 : Adobe Flash Player: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201911-05 Adobe Flash Player: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE...