Cyber Resilience

CVE-2024-11468

High

Published: 04 February 2025

Published
04 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0008 24.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-11468 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Omnissa Horizon Client (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 24.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).

Deeper analysis

Omnissa Horizon Client for macOS is affected by CVE-2024-11468, a local privilege escalation vulnerability arising from a flaw in the installation process. This issue, tracked under CWE-276, carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H) and was published on 2025-02-04.

Local attackers with user-level privileges on the affected macOS system can exploit this vulnerability to escalate to root privileges. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially granting full system control where the Horizon Client is installed.

Mitigation guidance and patches are detailed in Omnissa security advisory OMSA-2024-0002, available at https://static.omnissa.com/sites/default/files/OMSA-2024-0002.pdf, along with additional information on the Omnissa security response page at https://www.omnissa.com/omnissa-security-response/.

EU & UK References

Vulnerability details

Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a flaw in the installation process. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system…

more

where the Horizon Client for macOS is installed.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation vulnerability (CWE-276) in macOS installer directly enables T1068 Exploitation for Privilege Escalation from user to root.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21532Shared CWE-276
CVE-2025-24176Shared CWE-276
CVE-2025-1789Shared CWE-276
CVE-2024-43769Shared CWE-276
CVE-2025-0543Shared CWE-276
CVE-2025-7024Shared CWE-276
CVE-2025-24267Shared CWE-276
CVE-2026-25203Shared CWE-276
CVE-2024-49737Shared CWE-276
CVE-2024-34730Shared CWE-276

Affected Assets

Omnissa
Horizon Client
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Timely flaw remediation through applying Omnissa patches directly eliminates the installation process vulnerability enabling local privilege escalation to root.

prevent

Least privilege enforcement ensures user accounts and processes lack the unnecessary permissions required to successfully exploit the LPE during Horizon Client installation.

prevent

Restricting user-installed software prevents local users from initiating the vulnerable installation process that leads to privilege escalation.

References