
"CVE-2024-8068 (CVSS score: 5.1) - An improper privilege management vulnerability in Citrix Session Recording that could allow for privilege escalation to NetworkService Account access when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
CVE-2024-8069 (CVSS score: 5.1) - A deserialization of untrusted data vulnerability in Citrix Session Recording that allows limited remote code execution with the privileges of a NetworkService Account access when an attacker is an authenticated user on the same intranet as the session recording server"
"A proof-of-concept (PoC) exploit was released by Datadog following public disclosure. "If a submodule path contains a trailing CR, the altered path can cause Git to initialize the submodule in an unintended location," Arctic Wolf said about CVE-2025-48384. "When this is combined with a symlink pointing to the submodule hooks directory and an executable post-checkout hook, cloning a repository can result in unintended code execution.""
CISA added three vulnerabilities to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. CVE-2024-8068 and CVE-2024-8069 (both CVSS 5.1) affect Citrix Session Recording and can enable privilege escalation to NetworkService or limited remote code execution when an attacker is an authenticated user on the same domain or intranet. CVE-2025-48384 (CVSS 8.1) is a Git link-following issue that permits arbitrary code execution due to inconsistent handling of carriage return characters. The Citrix flaws were patched in November 2024 after disclosure by watchTowr Labs; the Git issue was fixed earlier in July and saw a PoC released by Datadog.
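For defenders reviewing repositories before a recursive clone, the condition quoted above (a submodule path carrying a carriage return) can be checked in `.gitmodules` directly. The following is an added example, not code from The Hacker News, Arctic Wolf, Datadog or the Git project; the function name and sample file contents are constructed for illustration, and the check is a heuristic that assumes the usual `path = value` layout of `.gitmodules`.

```python
import re

# Matches a "path = value" line in .gitmodules (Git config keys are case-insensitive).
PATH_LINE = re.compile(rb"^\s*path\s*=\s*(.*)$", re.IGNORECASE)


def suspicious_submodule_paths(gitmodules: bytes):
    """Return [(line_number, raw_value)] for submodule paths containing a CR
    or another control byte. Heuristic check, not Git's own parser."""
    lines = gitmodules.split(b"\n")
    non_empty = [ln for ln in lines if ln]
    # A file saved with uniform CRLF endings has a CR before every LF.
    # Only in that case is the final CR treated as a line terminator.
    crlf_file = bool(non_empty) and all(ln.endswith(b"\r") for ln in non_empty)

    findings = []
    for number, line in enumerate(lines, start=1):
        if crlf_file and line.endswith(b"\r"):
            line = line[:-1]
        match = PATH_LINE.match(line)
        if not match:
            continue
        value = match.group(1)
        # Any control byte other than TAB in a path value deserves review.
        if any(byte < 0x20 and byte != 0x09 for byte in value):
            findings.append((number, value))
    return findings


# Constructed sample inputs (not taken from any real repository).
URL = b"\turl = https://example.invalid/lib.git\n"
LF_OK = b'[submodule "lib"]\n\tpath = lib\n' + URL
CRLF_OK = LF_OK.replace(b"\n", b"\r\n")
QUOTED_CR = b'[submodule "lib"]\n\tpath = "lib\r"\n' + URL
BARE_CR = b'[submodule "lib"]\n\tpath = lib\r\n' + URL

if __name__ == "__main__":
    for name, data in [("LF_OK", LF_OK), ("CRLF_OK", CRLF_OK),
                       ("QUOTED_CR", QUOTED_CR), ("BARE_CR", BARE_CR)]:
        print(name, suspicious_submodule_paths(data))
```

A finding here is a reason to inspect the repository before cloning with submodules; updating Git to a fixed release remains the actual remediation.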
Read at The Hacker News