Insecure Inherited Permissions in Intel VTune Profiler Installer
CVE-2021-0077

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Vtune(tm) Profiler
Vendor: CVE Published:; 9 June 2021

What is CVE-2021-0077?

The Intel VTune Profiler installer prior to version 2021.1.1 has been found to have insecure inherited permissions. This flaw enables authenticated users, with local access, to potentially escalate their privileges. Such vulnerabilities pose significant risks, as they can be exploited to gain unauthorized access to sensitive functions and higher-level permissions within the system. It is crucial for users to ensure their installations are updated to mitigate these risks.

Affected Version(s)

Intel(R) VTune(TM) Profiler before version 2021.1.1

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2021
Vulnerability Reserved
Oct 22, 2020