CVE-2024-51448 IBM Robotic Process Automation privilege escalation

🗓️ 18 Jan 2025 15:08:42Reported by ibmType

IBM Robotic Process Automation privilege escalation allows local users to gain administrator rights.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: A vulnerability in the IBM Robotic Process Automation windows installer could result in privilege escalation (CVE-2024-51448).	28 Jan 202522:08	–	ibm
BDU FSTEC	The vulnerability of the IBM Robotic Process Automation software installer allows a perpetrator to enhance their privileges.	27 Jan 202500:00	–	bdu_fstec
Circl	CVE-2024-51448	18 Jan 202515:09	–	circl
CNNVD	IBM Robotic Process Automation 安全漏洞	18 Jan 202500:00	–	cnnvd
CVE	CVE-2024-51448	18 Jan 202515:08	–	cve
EUVD	EUVD-2024-45798	3 Oct 202520:07	–	euvd
NVD	CVE-2024-51448	18 Jan 202515:15	–	nvd
OSV	CVE-2024-51448	18 Jan 202515:15	–	osv
Positive Technologies	PT-2024-10276 · Ibm · Ibm Robotic Process Automation	28 Oct 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-51448	23 May 202507:06	–	redhatcve

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:robotic_process_automation:21.0.7.17:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:robotic_process_automation:23.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:robotic_process_automation:23.0.18:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Robotic Process Automation",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "21.0.7.17",
        "status": "affected",
        "version": "21.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "23.0.18",
        "status": "affected",
        "version": "23.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7177586

18 Jan 2025 15:08Current

CVSS 3.16.7

EPSS0.00147

CWE-277