Oddbean

New Citrix Zero-Day Vulnerability Allows Remote Code Execution A new zero-day vulnerability in Citrix’s Session Recording Manager can be exploited to enable unauthenticated remote code execution (RCE) against Citrix Virtual Apps and Desktops, according to watchTowr. The attack surface management provider investigated the architecture behind Citrix’s Session Recording Manager, a feature that provides a record of user activity to help with audits, detecting unusual behavior and troubleshooting problems. See more: https://www.infosecurity-magazine.com/news/new-citrix-zeroday-vulnerability/ #cybersecurity #citrix #zeroday #rce