Uncontrolled Search Path Vulnerability in Intel Chipset Software Installation Utility
CVE-2024-36291

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Chipset Software Installation Utility
Vendor: CVE Published:; 12 February 2025

What is CVE-2024-36291?

The vulnerability in the Intel Chipset Software Installation Utility allows an authenticated user to exploit an uncontrolled search path. This could enable local users to escalate privileges, potentially compromising system integrity. It is crucial for users to update to the latest version to mitigate this risk and enhance security.

Affected Version(s)

Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
May 29, 2024

CVE-2024-36291 Data

JSON