CVE-2024-47091

7.8 HIGH

Published: 2026-05-13 · Last updated: 2026-05-26

Severity and scoring

CVSS: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-427

Affected products

Vendor: checkmk
Product: checkmk

Description

Privilege escalation in the mk_mysql agent plugin on Windows in Checkmk <2.4.0p29, <2.3.0p47, and 2.2.0 (EOL) allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' (or with write access to a binary referenced by such a service) to execute arbitrary code in the context of the Checkmk agent service, which typically runs as SYSTEM.

Source: NVD

Related CVEs

Same vendor

  • CVE-2026-9549 Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 version... (4.8 MEDIUM)
  • CVE-2026-8833 Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.... (5.4 MEDIUM)
  • CVE-2026-8078 Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an... (4.8 MEDIUM)
  • CVE-2026-7765 Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the das... (5.3 MEDIUM)
  • CVE-2026-7186 Stored cross-site scripting in the URL dashboard widget in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows a user w... (5.4 MEDIUM)

Same CWE

  • CVE-2026-8637 A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local auth... (7.8 HIGH)
  • CVE-2026-47937 Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that cou... (7.4 HIGH)
  • CVE-2026-41567 Moby is an open source container framework (7.2 HIGH)
  • CVE-2026-50033 Local privilege escalation due to DLL hijacking vulnerability (7.3 HIGH)
  • CVE-2026-44682 Local privilege escalation due to DLL hijacking vulnerability (7.3 HIGH)