CVE-2024-11468
Published: 04 February 2025
Summary
CVE-2024-11468 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in Omnissa Horizon Client (inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 24.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Deeper analysis
Omnissa Horizon Client for macOS is affected by CVE-2024-11468, a local privilege escalation vulnerability arising from a flaw in the installation process. This issue, tracked under CWE-276, carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H) and was published on 2025-02-04.
Local attackers with user-level privileges on the affected macOS system can exploit this vulnerability to escalate to root privileges. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially granting full system control where the Horizon Client is installed.
Mitigation guidance and patches are detailed in Omnissa security advisory OMSA-2024-0002, available at https://static.omnissa.com/sites/default/files/OMSA-2024-0002.pdf, along with additional information on the Omnissa security response page at https://www.omnissa.com/omnissa-security-response/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-34421
Vulnerability details
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a flaw in the installation process. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system…
more
where the Horizon Client for macOS is installed.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local privilege escalation vulnerability (CWE-276) in macOS installer directly enables T1068 Exploitation for Privilege Escalation from user to root.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely flaw remediation through applying Omnissa patches directly eliminates the installation process vulnerability enabling local privilege escalation to root.
Least privilege enforcement ensures user accounts and processes lack the unnecessary permissions required to successfully exploit the LPE during Horizon Client installation.
Restricting user-installed software prevents local users from initiating the vulnerable installation process that leads to privilege escalation.