CVE-2024-52976 Information

Description

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess osqueryd allows local attackers to execute arbitrary code via parameter injection.

An attacker requires local access and the ability to modify osqueryd configurations.

Reference

https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708