What is the CVSS score of CVE-2024-52976?

CVE-2024-52976 has a CVSS 3.1 base score of 4.4 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Elastic Agent are affected by CVE-2024-52976?

CVE-2024-52976 presents moderate security risk rated CVSS 4.4. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2024-52976?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Elastic Agent CVE-2024-52976

MEDIUM

Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

2025-05-01 security@elastic.co

RCE Elastic Elastic Agent

4.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:39 vuln.today

Patch released

Mar 28, 2026 - 18:39 nvd

Patch available

CVE Published

May 01, 2025 - 14:15 nvd

MEDIUM 4.4

DescriptionNVD

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection.

An attacker requires local access and the ability to modify osqueryd configurations.

AnalysisAI

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-829. Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations. Affected products include: Elastic Elastic Agent.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2026-42398 HIGH This Week

7.7 May 28

Server-side request forgery in Elastic Kibana allows authenticated users holding connector management privileges to bypa

CVE-2026-33464 MEDIUM This Month

6.5 May 28

Denial of service in Kibana allows any authenticated low-privileged user to render the Kibana service unresponsive for a

CVE-2026-42399 MEDIUM This Month

6.5 May 28

Denial of service in Elastic Kibana allows an authenticated low-privileged user to crash the Kibana service and deny acc

CVE-2026-42400 MEDIUM This Month

6.5 May 28

Denial of service in Kibana allows any authenticated user to crash or render unresponsive a Kibana instance by sending a

CVE-2026-49094 MEDIUM This Month

6.5 May 28

Denial of service in Kibana's analytics collections management endpoint allows any authenticated user with viewer-level

CVE-2024-52976 vulnerability details – vuln.today

Back

Elastic Agent CVE-2024-52976

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code