CVE-2024-4454

Published: May 22, 2024Modified: Aug 14, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23035.

Affected (4)

Products: Withsecure: Client Security, Elements Endpoint Protection, Email And Server Security, Server Security

Withsecure

4 products

Client Security

Elements Endpoint Protection

Email And Server Security

Server Security

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Withsecure Client Security	Version 15
Withsecure Elements Endpoint Protection	Version 17
Withsecure Email And Server Security	Version 15
Withsecure Server Security	Version 15

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-59

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (2)

https://www.zerodayinitiative.com/advisories/ZDI-24-491/

Source: zdi-disclosures@trendmicro.com

Third Party Advisory

https://www.zerodayinitiative.com/advisories/ZDI-24-491/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.