Local Privilege Escalation Vulnerability in Omnissa Horizon Client for macOS
CVE-2024-11468

7.8HIGH

Key Information:

Vendor: Omnissa
Status: Omnissa Horizon Client For Mac OS
Vendor: CVE Published:; 4 February 2025

What is CVE-2024-11468?

Omnissa Horizon Client for macOS has a vulnerability that allows local privilege escalation due to a flaw in its installation process. This defect can allow attackers with standard user privileges to escalate their access to root-level privileges on affected systems, creating potential security risks. Users are advised to update to the latest version to mitigate these risks and ensure their systems remain secure.

Affected Version(s)

Omnissa Horizon Client for MacOS MacOS Omnissa Horizon Client for macOS 2406 or earlier

References

https://static.omnissa.com/sites/default/files/OMSA-2024-...

https://www.omnissa.com/omnissa-security-response/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2025
Vulnerability Reserved
Nov 19, 2024

Credit

Omnissa would like to thank Max Keasley of WithSecure Consulting for reporting this issue to us.