Experiencing a breach?
Select Language
Contact support
Languages
Contact support
Back to Home

placeholder-title

placeholder-link
Back to Home

Login

Back to Home

Languages

English

CVE-2024-27357

WithSecure Elements for Mac vulnerable to Local Privilege Escalation

 

Status

Fixed

Risk level

High

Action required

FIX No User action is required. The required fix has been published through automatic update channel for Elements agent & MDR with version 24.1

Please note : End of life date for Client Security for Mac version 15 is on 30th Sept 2024. In order to mitigate this issue admin must take action to upgrade to Client Security for Mac 16.

Affected products

All WithSecure Endpoint Protection products for Mac

WithSecure Elements Agent for Mac version 23.x & below

WithSecure Elements Client Security for Mac version 15 & below

WithSecure MDR version 23.x & below

Platforms

All supported platforms for the affected products

Date issued

2024-07-26

Read more

More information

A Vulnerability during the installation or updated process allows a local user with administrator privileges to leading to potential local privilege escalation on WithSecure Mac Products.

This issue was reported to WithSecure as a part of Internal Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

WithSecure is not aware of any known exploits for this vulnerability.

Contributors

WithSecure would like to thank following person for bringing this issue to our attention.

Max Keasley

WithSecure Security Consultant (UK)