PT-2024-8515 · Citrix · Citrix Virtual Apps/Desktops
Published: 2024-11-12 · Updated: 2025-09-01 · CVE-2024-8068
CVSS v3.1: 8.0 High (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Name of the Vulnerable Software and Affected Versions
Citrix Virtual Apps and Desktops (CVAD) versions 1912 LTSR, 2203, 2402, and 2407
Description
The issue stems from insecure privilege management in the Session Recording component of Citrix Virtual Apps and Desktops (CVAD). An attacker who is authenticated as a user in the same Windows Active Directory domain as the Session Recording server can escalate privileges and execute arbitrary code. This can lead to remote code execution (RCE) attacks via MSMQ misconfiguration. The vulnerability is actively exploited.
Recommendations
For version 1912 LTSR, update to a newer version that includes the fix for this issue.
For version 2203, update to a newer version that includes the fix for this issue.
For version 2402, update to a newer version that includes the fix for this issue.
For version 2407, update to a newer version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the Session Recording component until a patch is available.
Exploit · Fix · LPE · RCE · Improper Privilege Management
Affected Products
Citrix Virtual Apps/Desktops