CVE-2020-24485

CWE-4273 documents3 sources
Severity
7.8HIGH
EPSS
0.2%
top 61.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Trace Analyzer AND Collector
Timeline
PublishedFeb 17
Latest updateMay 24

Description

Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_fpga_opae_driver_for_linuxSee references

🔴Vulnerability Details

2
GHSA
GHSA-hghg-9hcj-q4j3: Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enab2022-05-24
CVEList
CVE-2020-24485: Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 42021-02-17
CVE-2020-24485 (HIGH CVSS 7.8) | Improper conditions check in the In | cvebase.io