← back
CVE-2024-52976

Elastic Agent Inclusion of Functionality from Untrusted Control Sphere

CVSS 4.4 MEDIUMEPSS 0.2%CWE-829
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Affected products
Elastic · Elastic Agent

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708