CVE-2024-10526
Published: 07 November 2024
Summary
CVE-2024-10526 is a high-severity Files or Directories Accessible to External Parties (CWE-552) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, it ranks at the 6.5th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-33163
Vulnerability details
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby the installer creates the installation directory with WRITE_DACL permission granted to the BUILTIN\Users group. This allows local users who are not administrators to grant themselves the Full Control permission on Velociraptor's files. By modifying Velociraptor's files, local users can subvert the binary and cause the Velociraptor service to execute arbitrary code as the SYSTEM user, or to replace the Velociraptor binary completely. This issue is fixed in version 0.73.3.
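The following audit check is an added example, not code from the advisory or from Rapid7. It parses the SDDL string of a directory's security descriptor (for instance the `Sddl` property returned by PowerShell's `Get-Acl`) and reports allow ACEs that give non-administrative trustees WRITE_DAC, WRITE_OWNER or GENERIC_ALL, which generalizes the BUILTIN\Users case described above. The trustee watch list and the sample SDDL strings are assumptions constructed for illustration; they are not the installer's actual ACL.

```python
WRITE_DAC, WRITE_OWNER, GENERIC_ALL = 0x00040000, 0x00080000, 0x10000000
CONTROL = {"WRITE_DAC": WRITE_DAC, "WRITE_OWNER": WRITE_OWNER, "GENERIC_ALL": GENERIC_ALL}

# SDDL two-letter right codes -> access-mask bits (file and directory subset).
RIGHTS = {
    "GA": GENERIC_ALL, "GR": 0x80000000, "GW": 0x40000000, "GX": 0x20000000,
    "FA": 0x001F01FF, "FR": 0x00120089, "FW": 0x00120116, "FX": 0x001200A0,
    "RC": 0x00020000, "SD": 0x00010000, "WD": WRITE_DAC, "WO": WRITE_OWNER,
    "CC": 0x001, "DC": 0x002, "LC": 0x004, "SW": 0x008, "RP": 0x010,
    "WP": 0x020, "DT": 0x040, "LO": 0x080, "CR": 0x100,
}
# Non-administrative trustees (an assumed watch list), by SDDL alias or SID string.
LOW_PRIV = {
    "BU": "BUILTIN\\Users", "S-1-5-32-545": "BUILTIN\\Users",
    "AU": "Authenticated Users", "S-1-5-11": "Authenticated Users",
    "WD": "Everyone", "S-1-1-0": "Everyone",
    "IU": "INTERACTIVE", "S-1-5-4": "INTERACTIVE",
}

def parse_mask(rights):
    """Turn an SDDL rights field (hex number or concatenated codes) into a mask."""
    if rights.lower().startswith("0x"):
        return int(rights, 16)
    mask = 0
    for i in range(0, len(rights), 2):
        mask |= RIGHTS[rights[i:i + 2]]  # KeyError on a code outside the subset
    return mask

def risky_aces(sddl):
    """Return [(trustee, [right names])] for allow ACEs granting DACL control."""
    dacl = sddl.partition("D:")[2].split("S:", 1)[0]  # drop owner, group and SACL
    findings = []
    for ace in dacl.split("(")[1:]:
        fields = ace.rstrip(")").split(";")
        if len(fields) != 6 or fields[0] != "A" or fields[5] not in LOW_PRIV:
            continue  # only plain allow ACEs for low-privilege trustees
        hits = [name for name, bit in CONTROL.items() if parse_mask(fields[2]) & bit]
        if hits:
            findings.append((LOW_PRIV[fields[5]], hits))
    return findings

# Constructed samples (not the real installer ACL): weak, weak with codes, hardened.
WEAK_HEX = "O:BAG:SYD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1600a9;;;BU)"
WEAK_CODES = "O:BAG:SYD:(A;;FA;;;BA)(A;;FRFXWD;;;BU)"
HARDENED = "O:BAG:SYD:PAI(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;BU)"

if __name__ == "__main__":
    for sample in (WEAK_HEX, WEAK_CODES, HARDENED):
        print(risky_aces(sample) or "no low-privilege DACL control")
```

Any finding on the agent's installation directory means a standard user can rewrite the ACL and then the service binary, so the directory should be re-checked after upgrading to 0.73.3.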
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Identifying and documenting file and directory locations allows restriction of access to external parties.
- Protecting backup availability and integrity requires correct permission assignments on critical backup resources.
- Restricting media access ensures correct permission assignments for this critical resource.
- Employing and evaluating controls at documented alternate sites makes files and directories less likely to be accessible to external parties through physical or environmental weaknesses.
- Mandates securing keys/combinations, periodic inventory, and rotation on compromise or personnel changes to correct improper physical permission assignments.
- Treating the plan as a critical resource and requiring it to be protected from unauthorized modification or disclosure drives correct permission assignment.
- Categorization results dictate which files and directories must be restricted, making unauthorized external access less likely.
- Prevents public exposure of files or directories that should not be reachable by unauthenticated parties.