Uncontrolled Search Path Vulnerability in Intel QAT Software
CVE-2024-39833

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Software
Vendor: CVE Published:; 13 May 2025

What is CVE-2024-39833?

An uncontrolled search path vulnerability in Intel QAT software prior to version 2.3.0 allows authenticated users to manipulate the search path, potentially leading to privilege escalation through local access. This vulnerability underscores the importance of ensuring secure software configurations to prevent unauthorized access to system resources. For further information and mitigation steps, refer to Intel's official security advisory.

Affected Version(s)

Intel(R) QAT software before version 2.3.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jun 29, 2024