CVE-2024-8068

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 3 articles

VulnLookup ↗ NVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

8.05%

probability

This CVE has a 8.05% probability of being exploited in the next 30 days.

0% Top 92.2th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-269 · Improper Privilege Management CWE-284 · Improper Access Control

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

TheHackerNews

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

TheHackerNews

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

TheHackerNews

Signal Intelligence

Confidenceⓘ

85%

EPSS 8.05%

Mentions 3

CNA Information

Analyst Note

CVE-2024-8068 is explicitly named in the CISA KEV catalog addition (article 2) as evidence of active exploitation in the wild affecting Citrix Session Recording. The CVE-2024 year combined with CISA KEV listing and documented active exploitation strongly supports zero-day classification, though exact patch timing remains unstated.

Threat Actors 5

Cobalt

apt_group Financial crime 🇷🇺 RU

Hacking Team

apt_group 🇮🇹 IT

RomCom

apt_group Financial gain 🇷🇺 RU

Returned Libra

apt_group 🇨🇳 CN

Void Rabisu

apt_group Financial gain 🇷🇺 RU

Triage Info

Decided atMar 20, 2026