CVE-2024-21814

CWE-4273 documents3 sources
Severity
7.3HIGH
EPSS
0.2%
top 62.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Chipset Device Software
Timeline
PublishedMay 16

Description

Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDintel/chipset_device_software< 10.1.19444.8378
CVEListV5intel(r)_chipset_device_softwarebefore version 10.1.19444.8378

🔴Vulnerability Details

2
GHSA
GHSA-9g24-597j-w83m: Uncontrolled search path for some Intel(R) Chipset Device Software before version 102024-05-16
CVEList
CVE-2024-21814: Uncontrolled search path for some Intel(R) Chipset Device Software before version 102024-05-16
CVE-2024-21814 (HIGH CVSS 7.3) | Uncontrolled search path for some I | cvebase.io