(akamai.com) Akamai Mitigates Local Privilege Escalation Vulnerability in Guardicore Platform Agent for macOS and Linux
Critical local privilege escalation flaw (CVE-2026-34354) patched in Akamai Guardicore Platform Agent for macOS/Linux. Exploitation via TOCTOU in HandleSaveLogs() enables symlink attacks on root-owned files, plus command injection in gimmelogs diagnostic tool.
In brief - Akamai fixed a severe local privilege escalation vulnerability in Guardicore Agent for macOS/Linux. Attackers could manipulate symlinks or inject commands to escalate privileges. Patch immediately.
Technically - CVE-2026-34354 involves a TOCTOU race condition in HandleSaveLogs() where IPC sockets in /tmp allow symlink attacks on root files. The gimmelogs tool also had command injection via dbstore. Local access required; remote exploitation not possible. Updates mitigate both vectors.