Unauthenticated Remote Access Privilege Escalation Vulnerability in Intel Neural Compressor Software
CVE-2024-22476

10CRITICAL

Key Information:

Vendor: Intel
Status: Intel(r) Neural Compressor Software
Vendor: CVE Published:; 16 May 2024

Badges

📰 News Worthy

Summary

The vulnerability arises from improper input validation in Intel Neural Compressor software, prior to version 2.5.0, which may allow unauthenticated users to potentially exploit the system. This flaw could enable unauthorized remote access, leading to escalated privileges within the affected software environment. Users are strongly advised to update to the latest version to mitigate this risk.

Affected Version(s)

Intel(R) Neural Compressor software before version 2.5.0

News Articles

CVE-2024-22476

Intel Discloses Max Severity Bug in Its AI Model Compression Software

The improper input validation issue in Intel Neural Compressor enables remote attackers to execute arbitrary code on affected systems.

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

📰
First article discovered
May 17, 2024
Vulnerability published
May 16, 2024
Vulnerability Reserved
Jan 13, 2024

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Intel Discloses Max Severity Bug in Its AI Model Compression Software

References

CVSS V3.1

Timeline