CVE-2024-11467 HIGH

CVE-2024-11467

Vendor Omnissa
Product Omnissa Horizon Client for MacOS
Published February 4, 2025
Last update February 5, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a logic flaw. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system where the Horizon Client for macOS is installed.

Key dates

02Disclosure timeline

February 4, 2025 CVE published
February 5, 2025 Record updated