Uncontrolled Search Path Vulnerability in Intel Computing Improvement Program Software
CVE-2024-21843

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Computing Improvement Program Software
Vendor: CVE Published:; 16 May 2024

What is CVE-2024-21843?

The vulnerability arises from an uncontrolled search path in Intel Computing Improvement Program software, which may allow an authenticated user with local access to escalate privileges. This flaw affects versions prior to 2.4.0.10654, posing significant risks for system integrity and security. Users are urged to apply the latest updates and review their security protocols to mitigate potential exploitation.

Affected Version(s)

Intel(R) Computing Improvement Program software before version 2.4.0.10654

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Jan 2, 2024