Improper Access Control in Intel FPGA Firmware Affecting Security Management
CVE-2024-25576

7.9HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 August 2024

Summary

A vulnerability exists in the firmware of specific Intel FPGA products that can lead to improper access control. This issue allows a local privileged user the ability to escalate privileges, potentially compromising system security. Mitigation requires users to upgrade their firmware to version 24.1 or later to ensure protection against unauthorized access and maintain the integrity of security protocols.

Affected Version(s)

Intel(R) FPGA products before version 24.1

References

CVSS V3.1

Score:
7.9
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.