Uncontrolled Search Path Element

CVE-2024-47091

Medium

5.2/10

Summary

Privilege escalation in the mk_mysql agent plugin on Windows in Checkmk <2.4.0p29, <2.3.0p47, and 2.2.0 (EOL) allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' (or with write access to a binary referenced by such a service) to execute arbitrary code in the context of the Checkmk agent service, which typically runs as SYSTEM.

Attack Complexity: LOW
Attack Vector: LOCAL
User Interaction: NONE
Privileges Required: LOW

CWE-427 - Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

References

Advisory Timeline

Published May 13, 2026

Uncontrolled Search Path Element

CVE-2024-47091

Summary

CWE-427 - Uncontrolled Search Path Element

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS