What is CVE-2024-54131?

CVE-2024-54131 is a vulnerability in Kolide Launcher, classified under Incorrect Default Permissions. Published 2024-12-03.

Is CVE-2024-54131 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Kolide Launcher

CVE-2024-54131

The Kolide Agent (aka: Launcher) is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent (known as `launcher`) allows for local privilege escalation to the SYSTEM user on Windows 10 and 11…

EPSS: 0.001 (22.4th percentile) — read the EPSS interpretation.

Affected products

Kolide Launcher — versions >= 1.5.3, < 1.12.3

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions
CWE-456

Public proof-of-concept exploits

Ekitji/siem

References

https://github.com/kolide/launcher/security/advisories/GHSA-66q9-2rvx-qfj5 (x_refsource_CONFIRM)
https://github.com/kolide/launcher/pull/1510 (x_refsource_MISC)

Frequently asked questions

What is CVE-2024-54131?: CVE-2024-54131 is a vulnerability in Kolide Launcher, classified under Incorrect Default Permissions. Published 2024-12-03.
Is CVE-2024-54131 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.