The U.S. CISA has added three critical security vulnerabilities in Citrix Session Recording and Git to its KEV catalog due to active exploitation evidence. These flaws could allow privilege escalation, remote code execution, and arbitrary code execution. #CitrixSessionRecording #GitVulnerability
Keypoints
- CISA identified three vulnerabilities in Citrix Session Recording and Git actively being exploited.
- CVE-2024-8068 and CVE-2024-8069 involve privilege escalation and remote code execution in Citrix Session Recording.
- CVE-2025-48384 affects Git, leading to arbitrary code execution due to inconsistent handling of carriage return characters.
- Citrix fixed the vulnerabilities in November 2024, and Git addressed the issue earlier in July 2024.
- U.S. FCEB agencies must implement mitigations by September 15, 2025, to prevent cyber threats.
Read More: https://thehackernews.com/2025/08/cisa-adds-three-exploited.html