Improper Access Control in Intel FPGA Firmware Affecting Security Management
CVE-2024-25576

7.9HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Fpga Products
Vendor: CVE Published:; 14 August 2024

What is CVE-2024-25576?

A vulnerability exists in the firmware of specific Intel FPGA products that can lead to improper access control. This issue allows a local privileged user the ability to escalate privileges, potentially compromising system security. Mitigation requires users to upgrade their firmware to version 24.1 or later to ensure protection against unauthorized access and maintain the integrity of security protocols.

Affected Version(s)

Intel(R) FPGA products before version 24.1

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.9

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Feb 14, 2024