CVE-2024-52976
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection.
An attacker requires local access and the ability to modify osqueryd configurations.
An attacker requires local access and the ability to modify osqueryd configurations.
Vendor
Product
CWE
Yayın Tarihi
2025-05-01 14:15:35
Güncelleme
2025-10-01 19:28:58
Source Identifier
security@elastic.co
KEV Date Added
-