CVE-2024-0259

Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm	Release Notes
https://www.fortra.com/security/advisory/fi-2024-005	Vendor Advisory
https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm	Release Notes
https://www.fortra.com/security/advisory/fi-2024-005	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:fortra:robot_schedule:*:*:*:*:enterprise:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

09 Apr 2025, 15:42

Type	Values Removed	Values Added
References	~~() https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm -~~	() https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm - Release Notes
References	~~() https://www.fortra.com/security/advisory/fi-2024-005 -~~	() https://www.fortra.com/security/advisory/fi-2024-005 - Vendor Advisory
First Time		Fortra robot Schedule Fortra Microsoft windows Microsoft
CPE		cpe:2.3:a:fortra:robot_schedule:::::enterprise:::* cpe:2.3:o:microsoft:windows:-:::::::*

Information

Published : 2024-03-28 15:15

Updated : 2025-04-09 15:42

NVD link : CVE-2024-0259

Mitre link : CVE-2024-0259

CVE.ORG link : CVE-2024-0259

JSON object : View

Products Affected

fortra

robot_schedule

microsoft

windows

CWE

CWE-276

Incorrect Default Permissions

{"id": "CVE-2024-0259", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}]}, "published": "2024-03-28T15:15:46.180", "references": [{"url": "https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm", "tags": ["Release Notes"], "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff"}, {"url": "https://www.fortra.com/security/advisory/fi-2024-005", "tags": ["Vendor Advisory"], "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff"}, {"url": "https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.fortra.com/security/advisory/fi-2024-005", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "description": [{"lang": "en", "value": "CWE-276"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.\n\n"}, {"lang": "es", "value": "El Robot Schedule Enterprise Agent de Fortra para Windows anterior a la versi\u00f3n 3.04 es susceptible a una escalada de privilegios. Un usuario con pocos privilegios puede sobrescribir el ejecutable del servicio. Cuando se reinicia el servicio, el binario reemplazado se ejecuta con privilegios del sistema local, lo que permite que un usuario con pocos privilegios obtenga permisos elevados."}], "lastModified": "2025-04-09T15:42:22.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortra:robot_schedule:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "EDE170B1-FE55-472F-B9EC-4F823D4B4816", "versionEndExcluding": "3.04"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff"}