CVE-2024-27358

Vulnerability

Overview

CVE-2024-27358 describes a denial-of-service (DoS) vulnerability affecting WithSecure Elements Agent and WithSecure Elements Client Security for macOS, through version 23.x. The issue allows a local unprivileged user to interfere with the installation process, preventing an administrator from successfully completing the installation of the security software [1].

Attack

Vector and Exploitation

The vulnerability is exploitable by a local user on the same macOS system. No authentication beyond local access is required, and the attacker does not need elevated privileges. The attack surface is limited to installations where a local user has access to the system before or during the admin's installation attempt. WithSecure reports that no known exploits have been observed in the wild and no exploit code is known [1].

Impact

Successful exploitation results in a denial of service condition, where the administrator is unable to complete the installation of WithSecure security software. This could leave the system unprotected if the software was intended to replace or supplement existing defenses, but the vulnerability does not allow the attacker to escalate privileges or compromise existing installations.

Mitigation

Status

The issue was reported through WithSecure's Internal Vulnerability Reward Program. WithSecure has not released a patch as of the publication date, and users are advised to review the advisory for any updates. The vulnerability is assigned a CVSS v3 base score of 3.3 (Low severity) [1].