Race Condition Vulnerability in Intel Battery Life Diagnostic Tool
CVE-2024-41917

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Battery Life Diagnostic Tool Software
Vendor: CVE Published:; 12 February 2025

Summary

The Intel Battery Life Diagnostic Tool software prior to version 2.4.1 is susceptible to a race condition vulnerability. This flaw occurs due to a timing issue between when a check is made and when the result is used, allowing an authenticated user, with local access, to potentially escalate their privileges. Attackers may exploit this vulnerability to gain unauthorized access or control over sensitive parts of the system, emphasizing the need for immediate software updates to mitigate risks.

Affected Version(s)

Intel(R) Battery Life Diagnostic Tool software before version 2.4.1

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Aug 1, 2024