CVE-2024-8996

Grafana Agent Flow on Windows Unquoted service path

Severity Score

7.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM
This issue affects Agent Flow: before 0.43.2

*Credits: N/A

CVSS Scores

Grafana Labsv3.1 7.3

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-09-19 CVE Reserved
2024-09-25 CVE Published
2024-09-26 CVE Updated
2024-10-02 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-428: Unquoted Search Path or Element

CAPEC

CAPEC-233: Privilege Escalation

References (4)

URL	Tag	Source
https://github.com/grafana/agent/releases/tag/v0.43.2
https://grafana.com/blog/2024/09/25/grafana-alloy-and-grafana-agent-flow-security-release-high-severity-fix-for-cve-2024-8975-and-cve-2024-8996
https://grafana.com/security/security-advisories/cve-2024-8996
https://github.com/grafana/agent/releases/tag/v0.43.3

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Grafana Search vendor "Grafana"		Agent Flow Search vendor "Grafana" for product "Agent Flow"				< 0.43.2 Search vendor "Grafana" for product "Agent Flow" and version " < 0.43.2"		en		Affected