CVE-2024-0670
published 2024-03-11CVE-2024-0670: Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
PriorityP340high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.34%
26.1th percentile
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | >= 2.0.0 < 2.1.0 | 2.1.0 |
| checkmk_gmbh | checkmk | 2.0.0 – 2.0.0p39 | — |
| checkmk_gmbh | checkmk | >= 2.1.0 < 2.1.0p40 | 2.1.0p40 |
| checkmk_gmbh | checkmk | >= 2.2.0 < 2.2.0p23 | 2.2.0p23 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4pc9-wmrm-8p87: Privilege escalation in windows agent plugin in Checkmk before 2
ghsa_unreviewed·2024-03-11
CVE-2024-0670 [HIGH] CWE-427 GHSA-4pc9-wmrm-8p87: Privilege escalation in windows agent plugin in Checkmk before 2
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
OSV
CVE-2024-0670: Privilege escalation in windows agent plugin in Checkmk before 2
osv·2024-03-11·CVSS 7.8
CVE-2024-0670 [HIGH] CVE-2024-0670: Privilege escalation in windows agent plugin in Checkmk before 2
Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 (EOL) allows local user to escalate privileges
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-03-11
Published