CVE-2024-9478 & CVE-2024-9479: upKeeper IPA Flaws Rated CVSSv4 10 Now Resolved


upKeeper, a provider of privileged access management solutions, has recently addressed two critical vulnerabilities in its Instant Privilege Access (IPA) product. The vulnerabilities, identified as CVE-2024-9478 and CVE-2024-9479, both carry a CVSSv4 score of 10, indicating their high severity and potential impact on affected systems.

upKeeper Instant Privilege Access (IPA) is a cybersecurity solution designed to give users the ability to self-elevate their privileges to perform specific tasks, without needing to constantly rely on IT administrators. This offers a more efficient and secure way to manage user permissions compared to traditional methods like granting permanent admin rights or relying on time-consuming helpdesk requests.

CVE-2024-9478 is a flaw in the agent audit process that allows unauthorized applications to run in elevated mode. This could grant malicious actors access to sensitive data and system resources, potentially leading to data breaches, malware installation, and system compromise.

CVE-2024-9479 is another weakness in the agent audit process, one that enables unapproved subprocesses to run with elevated privileges. This vulnerability could be exploited to bypass security measures, escalate privileges, and execute malicious code, further jeopardizing system security and integrity.

To mitigate these vulnerabilities, upKeeper recommends that all users of upKeeper Instant Privilege Access version 1.1 or earlier immediately upgrade to version 1.2. The update addresses both vulnerabilities by enhancing the agent audit process to effectively shut down unauthorized applications and audit subprocesses.
