CVE-2024-24912

Published May 1, 2024

Last updated 8 months ago

CVSS medium 6.7

Overview

Description
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
Source
cve@checkpoint.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.7
Impact score
5.9
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
MEDIUM

Weaknesses

cve@checkpoint.com
CWE-732

Social media

Hype score
Not currently trending

  1. 🔎Digging deeper into COM hijacking! In Part 3, we explore two new vulnerabilities: 🗑️ Webroot Endpoint Protect (CVE-2023-7241) – SYSTEM via arbitrary file deletion 📥 Checkpoint Harmony (CVE-2024-24912) – SYSTEM via a file download primitive Read more: https://t.co/rDNGUg89Lc

    @Neodyme

    12 Feb 2025

    2610 Impressions

    14 Retweets

    53 Likes

    25 Bookmarks

    0 Replies

    0 Quotes

References