CVE-2024-52976

Published: May 1, 2025Modified: Oct 1, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations.

Affected (2)

Products: Elastic: Elastic Agent

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Elastic Elastic Agent	Before 7.17.25
Elastic Elastic Agent	From 8.0.0 to 8.15.4

Related CWEs

Inclusion of Functionality from Untrusted Control Sphere

The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

References (1)

https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708

Source: security@elastic.co

PatchVendor Advisory

Timeline

No history available yet.