Privilege Escalation Vulnerability in AMD Provisioning Console
CVE-2024-21958

7.3HIGH

Key Information:

Vendor: Amd
Status: Provisioning Console
Vendor: CVE Published:; 12 November 2024

Summary

The AMD Provisioning Console has been identified with incorrect default permissions within its installation directory. These inadequate permissions could potentially allow an attacker to exploit the system, achieving elevated privileges. This escalation may lead to arbitrary code execution, posing significant security risks to users of the software. Ensuring appropriate permission settings is essential for maintaining the integrity and security of systems utilizing the AMD Provisioning Console.

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024