Uncontrolled Search Path Vulnerability in Intel QuickAssist Technology
CVE-2024-29223

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Quickassist Technology Software
Vendor: CVE Published:; 12 February 2025

Summary

An issue has been identified in Intel QuickAssist Technology software that allows an authenticated user to exploit an uncontrolled search path. This may lead to a potential elevation of privileges when local access is granted. Users are encouraged to update to version 2.2.0 or later to mitigate this risk.

Affected Version(s)

Intel(R) QuickAssist Technology software before version 2.2.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Apr 20, 2024