Exploitation Summary
EIP tracks 1 public exploit for CVE-2024-23773. PoCs published by Verrideo.
AI-analyzed exploit summary The repository contains only a README with a placeholder message indicating future information about CVE-2024-23773. No exploit code or technical details are provided.
Description
An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges.
Exploits (1)
nomisec
STUB
by Verrideo · poc
https://github.com/Verrideo/CVE-2024-23773
The repository contains only a README with a placeholder message indicating future information about CVE-2024-23773. No exploit code or technical details are provided.
Classification
Stub 100%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target:
unspecified
No auth needed
devstral-2 · analyzed Feb 19, 2026
Full analysis →
References (2)
Core 2
Core References
Various Sources
https://support.quest.com/kb/4375402/quest-response-to-kace-sma-agent-vulnerabilities-cve-2024-23772-cve-2024-23773-cve-2024-23774
Various Sources
https://www.quest.com/kace/
Scores
CVSS v3
7.8
EPSS
0.0038
EPSS Percentile
29.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Published
Apr 30, 2024
Tracked Since
Feb 18, 2026