CVE-2024-52976

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations.

CVSS v3 4.4 MEDIUM

4.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:elastic:elastic_agent::::::::
	cpe:2.3:a:elastic:elastic_agent::::::::

History

No history.

Information

Published : 2025-05-01 14:15

Updated : 2025-10-01 19:28

NVD link : CVE-2024-52976

Mitre link : CVE-2024-52976

CVE.ORG link : CVE-2024-52976

JSON object : View

Products Affected

elastic

elastic_agent

CWE

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

{"id": "CVE-2024-52976", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-05-01T14:15:35.527", "references": [{"url": "https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-829"}]}], "descriptions": [{"lang": "en", "value": "Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection.\n\nAn attacker requires local access and the ability to modify osqueryd configurations."}, {"lang": "es", "value": "La inclusi\u00f3n de funcionalidad de una esfera de control no confiable en el subproceso de Elastic Agent, osqueryd, permite a atacantes locales ejecutar c\u00f3digo arbitrario mediante la inyecci\u00f3n de par\u00e1metros. Un atacante requiere acceso local y la capacidad de modificar las configuraciones de osqueryd."}], "lastModified": "2025-10-01T19:28:58.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF52922C-61CF-4F69-B54F-992FD94FCD2B", "versionEndExcluding": "7.17.25"}, {"criteria": "cpe:2.3:a:elastic:elastic_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19F05BEC-1DFF-4ADE-A82C-665B96AA79B5", "versionEndExcluding": "8.15.4", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}