ch0k1 on Nostr: Citrix Zero-Day Bug Allows Unauthenticated RCE ...
Citrix Zero-Day Bug Allows Unauthenticated RCE
https://www.darkreading.com/cloud-security/citrix-recording-manager-zero-day-bug-unauthenticated-rce
An unpatched zero-day vulnerability in Citrix’s Session Recording Manager allows unauthenticated remote code execution (RCE, paving the way for data theft, lateral movement, and desktop takeover.
According to watchTowr research out today, the issue (which does not yet have a CVE or CVSS score) resides in Citrix's Session Recording Manager, which, as its name implies, records user activity, including keyboard and mouse inputs, websites visited, video streams of desktop activity, and more.
originally posted at https://stacker.news/items/764945
https://www.darkreading.com/cloud-security/citrix-recording-manager-zero-day-bug-unauthenticated-rce
An unpatched zero-day vulnerability in Citrix’s Session Recording Manager allows unauthenticated remote code execution (RCE, paving the way for data theft, lateral movement, and desktop takeover.
According to watchTowr research out today, the issue (which does not yet have a CVE or CVSS score) resides in Citrix's Session Recording Manager, which, as its name implies, records user activity, including keyboard and mouse inputs, websites visited, video streams of desktop activity, and more.
originally posted at https://stacker.news/items/764945