Description

An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege escalation can occur if the core agent service loads that file.

INFO

Published Date :

2024-06-27T00:00:00.000Z

Last Modified :

2024-10-31T13:26:17.983Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-39708 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-39708.

URL Resource
https://docs.delinea.com/online-help/privilege-manager/release-notes/12.0.1-combined.htm cve-icon cve-icon
https://www.cyberark.com/resources/threat-research-blog/identity-crisis-the-curious-case-of-a-delinea-local-privilege-escalation-vulnerability cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Complexity
Attack Vector
Availability Impact
Confidentiality Impact
Integrity Impact
Privileges Required
Scope
User Interaction