Vulnerability Description
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23035.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Withsecure | Client Security | 15 |
| Withsecure | Elements Endpoint Protection | 17 |
| Withsecure | Email And Server Security | 15 |
| Withsecure | Server Security | 15 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.zerodayinitiative.com/advisories/ZDI-24-491/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-24-491/Third Party Advisory
FAQ
What is CVE-2024-4454?
CVE-2024-4454 is a vulnerability with a CVSS score of 7.8 (HIGH). WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecur...
How severe is CVE-2024-4454?
CVE-2024-4454 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-4454?
Check the references section above for vendor advisories and patch information. Affected products include: Withsecure Client Security, Withsecure Elements Endpoint Protection, Withsecure Email And Server Security, Withsecure Server Security, Microsoft Windows.