How to Streamline Zero Trust Using the Shared Signals Framework

Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don't share signals reliably. 88% of organizations admit they've suffered significant challenges in trying to implement such approaches,...

EUVD-2024-3434

Malicious code in bioql PyPI...

CVE-2024-54131

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

Kolide Agent for Windows >= 1.5.3 < 1.12.3 Privilege Escalation (CVE-2024-54131)

The version of Kolide Agent for Windows installed on the remote host is greater or equal to 1.5.3 and prior to 1.12.3. It is, therefore, affected by a privilege escalation vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...

SUSE CVE-2024-54131

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

Kolide Agent Installed (Windows)

Binary data kolideagentwininstalled.nbin...

Incorrect Default Permissions

Kolide Agent is vulnerable to Incorrect Default Permissions. The vulnerability is due to improper permissions set on the ProgramData directory for upgraded binaries and the omission of the SystemDrive environmental variable, allowing a malicious actor to place and execute arbitrary DLLs within th...

GO-2024-3308 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) in github.com/kolide/launcher

Kolide Agent Privilege Escalation Windows, Versions = 1.5.3, 1.12.3 in github.com/kolide/launcher...

CVE-2024-54131

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

GHSA-66Q9-2RVX-QFJ5 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

CVE-2024-54131 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

CVE-2024-54131 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

CVE-2024-54131

CVE-2024-54131 (Kolide Agent / launcher, Windows): An implementation bug introduced in 1.5.3, where launcher started storing upgraded binaries in ProgramData and inherited looser root permissions, combined with an omitted SystemDrive env var when launcher starts osqueryd, enables local attackers ...

CVE-2024-54131 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

Kolide Agent 安全漏洞

Kolide Agent Kolide Launcher is a Kolide open source lightweight agent designed to work with Kolide's services. A security vulnerability exists in Kolide Agent that stems from the inclusion of an implementation error that could lead to elevation of privilege...

PT-2024-36062 · Microsoft +1 · Windows 11 +2

Name of the Vulnerable Software and Affected Versions: Kolide Agent versions 1.5.3 through 1.12.2 Description: An implementation bug in the Kolide Agent allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced when the launcher started storing upgraded...

RedHunt OS v2 - Virtual Machine For Adversary Emulation And Threat Hunting

Virtual Machine for Adversary Emulation and Threat Hunting by RedHunt Labs RedHunt OS aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. Base Machin...

Man-in-the-Middle (MitM)

Github.Com/Kolide/Fleet is vulnerable to man-in-the-middle MitM. LOGIN authentication is not done using secure TLS connection with SMTP server, leaking login credentials to a man-in-the-middle attacker...

Why You Should Join Carbon Black at QueryCon 2019

Carbon Black Joining Trail of Bits to Support QueryCon 2019 We are excited to announce that Carbon Black will be joining with Trail of Bits and Kolide to sponsor QueryCon 2019. QueryCon is a conference dedicated to Osquery, an open source tool that allows users to query their devices like a...