NVD disclosure day
CVE-2024-8069
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
Citrix Session Recording is affected by a deserialization vulnerability allowing an authenticated internal user to execute code remotely with NetworkService privileges. This poses a risk to internal systems and data integrity.
CVE-2024-8068
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
Citrix Session Recording has a privilege escalation vulnerability. An authenticated attacker within the same Windows Active Directory domain could gain NetworkService Account access. This impacts system integrity and potentially exposes sensitive data.
CVE-2024-49039
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Windows Task Scheduler could allow a local attacker to gain elevated privileges. This could enable unauthorized access to system functions and data, posing a business risk. Organizations should address affected systems promptly.
CVE-2024-43451
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
Microsoft Windows systems are affected by a vulnerability allowing NTLM hash disclosure through spoofing. Attackers could use this to impersonate users, leading to unauthorized access to systems and data. Organizations should identify and protect affected systems to mitigate business risk.
CVE-2024-8074
Halo Surface Signal: 3 out of 5 — possibly public-facing.
This vulnerability in Nomysem allows unauthorized data collection without proper authentication, potentially exposing user-provided information. The business risk involves the compromise of sensitive data, impacting affected organizations and their users. Affected: Nomysoft Informatics Nomysem Impact: Unauthorized data