Datadog Agent Linux Host Local Privilege Escalation Vulnerability
Vulnerability
A local privilege escalation vulnerability exists in the Datadog Linux Host Agent, affecting versions 7.65.0 through 7.70.2. The issue arises from inadequate permissions on the 'opt/datadog-agent/python-scripts/__pycache__' directory during installation. This directory's code is executed by the Agent only during installation or upgrades. An attacker with local access and a low-privilege account could modify files in this directory, which would be executed when the Agent is upgraded, leading to unauthorized privilege escalation. This vulnerability is exclusive to the Linux Host Agent and does not affect the container, Kubernetes, Windows Host, or other Agent variations.
Impact
Exploitation of this vulnerability could result in unauthorized local privilege escalation, allowing a low-privilege user to gain elevated rights on the system.
Remediation
Users can upgrade to Datadog Agent version 7.71.0 or later to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.