{"cve":{"cve_id":"CVE-2024-52976","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00168,"epss_percentile":0.06308,"epss_as_of":"2026-06-23","description":"Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection.\n\nAn attacker requires local access and the ability to modify osqueryd configurations.","published_at":"2025-05-01T13:03:58.672000Z","last_modified_at":null,"cvss_v3_score":4.4,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-829"],"nvd_references":["https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:14:36.567578Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"elastic","vendor_name":"Elastic","product_slug":"elastic-agent","product_name":"Elastic Agent","version_start":"7.0.0","version_start_inclusive":true,"version_end":"7.17.24","version_end_inclusive":true,"cpe23_uri":"cve5:elastic:elastic-agent:7.0.0:7.17.24"},{"vendor_slug":"elastic","vendor_name":"Elastic","product_slug":"elastic-agent","product_name":"Elastic Agent","version_start":"8.0.0","version_start_inclusive":true,"version_end":"8.15.3","version_end_inclusive":true,"cpe23_uri":"cve5:elastic:elastic-agent:8.0.0:8.15.3"}],"exploit_refs":[],"news":[],"references":[{"url":"https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-05-01T13:03:58.672000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:39:10.181775Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:39:10.181775Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:39:10.181775Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:14:36.567578Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:14:36.567578Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:14:36.567578Z","label":"SSVC decision revised","source":"vulnrichment"}]}