Local Privilege Escalation Vulnerability in Omnissa Horizon Client for macOS
CVE-2024-11467

7.8HIGH

Key Information:

Vendor: Omnissa
Status: Omnissa Horizon Client For Mac OS
Vendor: CVE Published:; 4 February 2025

Summary

The Omnissa Horizon Client for macOS has a security vulnerability that allows users with existing privileges to exploit a logic flaw in the software. This flaw could enable attackers to elevate their privileges to root level, compromising the security of the entire system. Organizations using the Horizon Client for macOS should be aware of this risk and implement necessary security measures.

Affected Version(s)

Omnissa Horizon Client for MacOS MacOS Omnissa Horizon Client for macOS 2406 or earlier

References

https://static.omnissa.com/sites/default/files/OMSA-2024-...

https://www.omnissa.com/omnissa-security-response/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2025
Vulnerability Reserved
Nov 19, 2024

Credit

Omnissa would like to thank Paul Montgomery (@nullevent) of TikTok US Data Security, Red Team for reporting this issue to us.