Advisor CVE-2024-39284
MEDIUMCVSS VectorNVD
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionNVD
Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
AnalysisAI
Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-427. Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Advisor, Intel Oneapi Base Toolkit. Version information: version 2024.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More from same product – last 7 days
In the Linux kernel, the following vulnerability has been resolved: efi: Fix reservation of unaccepted memory table Th
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down P
In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removin
Share
External POC / Exploit Code
Leaving vuln.today