CVE-2024-4454

WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to exploit this vulnerability.

The specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23035.

Published: May 22, 2024
Updated: Aug 15, 2025
CVE: CVE-2024-4454
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
withsecure / client_security	15	15.x
withsecure / elements_endpoint_protection	17	17.x
withsecure / email_and_server_security	15	15.x
withsecure / server_security	15	15.x

https://www.zerodayinitiative.com/advisories/ZDI-24-491/

Vulnerability Database

CVE-2024-4454