Uncontrolled Search Path Vulnerability in Intel VPL Software
CVE-2024-21830

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Vpl Software
Vendor: CVE Published:; 12 February 2025

Summary

An uncontrolled search path vulnerability in Intel's Video Processing Library (VPL) software prior to version 2023.4.0 could potentially allow an authenticated user to exploit local access, leading to escalation of privileges. This flaw might enable unauthorized access to sensitive data and system features, highlighting the importance of timely updates and security practices to mitigate potential risks.

Affected Version(s)

Intel(R) VPL software before version 2023.4.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Jan 10, 2024