CVE-2024-10183 - Vulnerability Details - OpenCVE

A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00034.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-32963	A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.

Fixes

Solution

Upgrade On-Premises Jamf Pro instances to greater than 11.5.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4

History

Tue, 22 Oct 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 22 Oct 2024 18:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.
Title		Arbitrary File Write Vulnerability in Jamf Remote Assist Leading to Privilege Escalation
Weaknesses		CWE-276
References		https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4
Metrics		cvssV4_0 `{'score': 5.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: JAMF

Published: 2024-10-22T17:50:53.752Z

Updated: 2024-10-22T18:11:54.102Z

Reserved: 2024-10-18T22:20:03.190Z

Link: CVE-2024-10183

Vulnrichment

Updated: 2024-10-22T18:11:46.820Z

NVD

Status : Awaiting Analysis

Published: 2024-10-22T18:15:03.827

Modified: 2024-10-23T15:12:34.673

Link: CVE-2024-10183

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-10183", "assignerOrgId": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "state": "PUBLISHED", "assignerShortName": "JAMF", "dateReserved": "2024-10-18T22:20:03.190Z", "datePublished": "2024-10-22T17:50:53.752Z", "dateUpdated": "2024-10-22T18:11:54.102Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Pro", "vendor": "Jamf", "versions": [{"lessThanOrEqual": "11.5", "status": "affected", "version": "11.1", "versionType": "Pro"}, {"lessThanOrEqual": "1.3.0", "status": "affected", "version": "1.0.0", "versionType": "JRA"}]}], "credits": [{"lang": "en", "type": "finder", "value": "REQON (Reporter Organization)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems."}], "value": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 5.2, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "shortName": "JAMF", "dateUpdated": "2024-10-22T17:50:53.752Z"}, "references": [{"url": "https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade On-Premises Jamf Pro instances to greater than 11.5.<br>"}], "value": "Upgrade\u00a0On-Premises Jamf Pro instances to greater than 11.5."}], "source": {"discovery": "EXTERNAL"}, "title": "Arbitrary File Write Vulnerability in Jamf Remote Assist Leading to Privilege Escalation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-22T18:11:42.682541Z", "id": "CVE-2024-10183", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T18:11:54.102Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-10183", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-22T18:11:42.682541Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T18:11:46.820Z"}}], "cna": {"title": "Arbitrary File Write Vulnerability in Jamf Remote Assist Leading to Privilege Escalation", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "REQON (Reporter Organization)"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.2, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Jamf", "product": "Pro", "versions": [{"status": "affected", "version": "11.1", "versionType": "Pro", "lessThanOrEqual": "11.5"}, {"status": "affected", "version": "1.0.0", "versionType": "JRA", "lessThanOrEqual": "1.3.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade\u00a0On-Premises Jamf Pro instances to greater than 11.5.", "supportingMedia": [{"type": "text/html", "value": "Upgrade On-Premises Jamf Pro instances to greater than 11.5.<br>", "base64": false}]}], "references": [{"url": "https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "shortName": "JAMF", "dateUpdated": "2024-10-22T17:50:53.752Z"}}}, "cveMetadata": {"cveId": "CVE-2024-10183", "state": "PUBLISHED", "dateUpdated": "2024-10-22T18:11:54.102Z", "dateReserved": "2024-10-18T22:20:03.190Z", "assignerOrgId": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "datePublished": "2024-10-22T17:50:53.752Z", "assignerShortName": "JAMF"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on MacOS systems."}, {"lang": "es", "value": "Una vulnerabilidad en la herramienta Jamf Remote Assist de Jamf Pro permite que un usuario local sin privilegios aumente sus privilegios a root en sistemas MacOS."}], "id": "CVE-2024-10183", "lastModified": "2024-10-23T15:12:34.673", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "LOW", "vulnerableSystemIntegrity": "LOW"}, "source": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "type": "Secondary"}]}, "published": "2024-10-22T18:15:03.827", "references": [{"source": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "url": "https://learn.jamf.com/en-US/bundle/jamf-remote-assist-release-notes/page/Jamf_Remote_Assist_Release_History.html#ariaid-title4"}], "sourceIdentifier": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "67325c3f-c596-46c5-a235-e1a1e73abe4e", "type": "Secondary"}]}