HIGHCVE-2024-0219CVSS 7.8

CVE-2024-0219: Privilege Elevation in Telerik JustDecompile

Platform

windows

Component

telerik-justdecompile

Fixed in

2024 R1

AI Confidence: highNVDEPSS 0.7%Reviewed: May 2026

View on NVD

Save

CVE-2024-0219 describes a privilege elevation vulnerability discovered in Telerik JustDecompile. This flaw allows a lower-privileged user to manipulate the application's installer, potentially gaining elevated privileges on the operating system. The vulnerability affects versions RC2012.1 through 2024 R1. A fix is available in version 2024 R1.

Impact and Attack Scenarios

An attacker exploiting this vulnerability could gain unauthorized access to sensitive data, modify system configurations, or execute arbitrary code with elevated privileges. This could lead to a complete compromise of the affected system. The ability to manipulate the installer provides a relatively straightforward attack vector, particularly in environments where JustDecompile is commonly installed. Successful exploitation could allow an attacker to bypass existing security controls and gain persistent access to the system.

Exploitation Context

This CVE was publicly disclosed on 2024-01-31. Currently, there are no known public exploits or active campaigns targeting this vulnerability. Its inclusion in the NVD suggests potential for exploitation, and organizations should prioritize patching. The ease of exploitation, given the installer manipulation, warrants a medium probability of exploitation.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureLow

EPSS

0.69% (72% percentile)

CVSS Vector

Affected Software

Componenttelerik-justdecompile

VendorProgress Software

Affected rangeFixed in

RC2012.1 – 2024 R12024 R1

Weakness Classification (CWE)

CWE-269

Timeline

Reserved2024-01-03
Published2024-01-31
Modified2025-05-29
EPSS updated2026-04-02

Mitigation and Workarounds

The primary mitigation for CVE-2024-0219 is to upgrade Telerik JustDecompile to version 2024 R1 or later. If an immediate upgrade is not feasible, consider restricting access to the installation package and monitoring for suspicious activity related to the installer process. Implement least privilege principles to limit the permissions of users who may interact with the JustDecompile installer. Review existing security policies to ensure they adequately address privilege escalation risks.

How to fix

Actualice Telerik JustDecompile a la versión 2024 R1 o posterior. Descargue la última versión desde el sitio web oficial de Telerik y siga las instrucciones de instalación. Esto solucionará la vulnerabilidad de elevación de privilegios.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2024-0219 — Privilege Elevation in Telerik JustDecompile?

CVE-2024-0219 is a HIGH severity vulnerability in Telerik JustDecompile allowing a lower-privileged user to elevate their privileges by manipulating the installer.

Am I affected by CVE-2024-0219 in Telerik JustDecompile?

You are affected if you are using Telerik JustDecompile versions RC2012.1 through 2024 R1.

How do I fix CVE-2024-0219 in Telerik JustDecompile?

Upgrade to Telerik JustDecompile version 2024 R1 or later to resolve the vulnerability.

Is CVE-2024-0219 being actively exploited?

Currently, there are no known public exploits or active campaigns targeting CVE-2024-0219, but potential for exploitation exists.

Where can I find the official Telerik advisory for CVE-2024-0219?

Refer to the Telerik security advisory for detailed information and updates: [https://portal.telerik.com/security/CVE/CVE-2024-0219](https://portal.telerik.com/security/CVE/CVE-2024-0219)

NextGuard

Vulnerabilities

What do these metrics mean?

Attack Vector: Local — attacker needs a local shell or interactive session on the system.
Attack Complexity: High — requires a race condition, non-default configuration, or specific circumstances. Harder to exploit reliably.
Privileges Required: Low — any valid user account is sufficient. Basic authenticated access required.
User Interaction: None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope: Changed — successful attack can pivot beyond the vulnerable component to other systems or the host OS.
Confidentiality: High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity: High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability: High — complete crash or resource exhaustion. Full denial of service.

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan free Search CVEs