04. 04. 2024 Alessandro Mizzaro Bug Fixes

Important GLPI Agent 1.7.3 Security Advisory


Security Advisory: High


There is a security update for GLPI Agent


This version specifically fixes 2 critical security issues related to MSI packaging on Windows:

  • CVE-2024-28240: A local user could modify the GLPI Agent configuration to gain higher privileges.
  • CVE-2024-28241: A local user could modify the GLPI Agent installation to gain higher privileges, but only when GLPI Agent is not installed in the default installation folder.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed below in the References section.


These security issues only impact Windows installation performed with MSI packaging, so we urge you to upgrade all your agents as soon as possible if this is your case.

Affected Products

All GLPI Agent versions < 1.7.2



Alessandro Mizzaro

Leave a Reply

Your email address will not be published. Required fields are marked *