Uncontrolled Search Path Vulnerability May Lead to Escalation of Privilege
CVE-2024-21814

7.3HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Chipset Device Software
Vendor: CVE Published:; 16 May 2024

What is CVE-2024-21814?

An escalation of privilege vulnerability exists in Intel Chipset Device Software prior to version 10.1.19444.8378. This vulnerability can be exploited by an authenticated user with local access, allowing them to gain unauthorized elevated privileges on the system. Due to the uncontrolled search path, an attacker could execute code in the context of a higher privilege level, potentially compromising the integrity and confidentiality of the system. It is crucial for users to update to the latest version to mitigate this risk. For more information, refer to Intel's security advisory.

Affected Version(s)

Intel(R) Chipset Device Software before version 10.1.19444.8378

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Jan 2, 2024