Vulnerability Details CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.5%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2024-13861
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.0.51
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.0.53
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.0.54
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.1.28
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.1.29
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.1.30
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.1.32
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.2.27
-
cpe:2.3:a:sophos:taegis_endpoint_agent:1.3.9
-
cpe:2.3:o:debian:debian_linux:-