Grafana Agent flow mode unquoted service path

High
Advisory ID:CVE-2024-8996
Published:2024-09-25
Product:Grafana Agent
CVSS Score:7.3
CVSS Vector:CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Fixed Versions:
>=0.43.1

Summary

On a windows machine, the Grafana Agent Flow mode service prior to version 0.43.1 is vulnerable to a privilege escalation from local user to SYSTEM due to an unquoted service path.

It is recommended that you remove the Grafana Agent Flow installation and do a clean install. An update will not resolve the issue. An alternative would be to add the double quotes manually to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Grafana Agent Flow.