Privilege Escalation Vulnerability in Intel VTune Profiler
CVE-2021-33062

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Vtune(tm) Profiler
Vendor: CVE Published:; 17 November 2021

Summary

A potentially serious privilege escalation vulnerability exists in the software installer for Intel VTune Profiler prior to version 2021.3.0. This issue arises from incorrect default permissions settings, which may allow an authenticated user to exploit the installer and gain higher-level access on the affected system. It is crucial for users of affected versions to upgrade to mitigate the risk associated with this vulnerability.

Affected Version(s)

Intel(R) VTune(TM) Profiler before version 2021.3.0

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
May 18, 2021