CVE-2024-21831Uncontrolled Search Path Element in Intel Processor Diagnostic Tool

CWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
7.8HIGHNVD
CNA6.7
EPSS
0.7%
top 29.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Processor Diagnostic Tool
Timeline
PublishedMay 16

Description

Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
CVE-2024-21831: Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 42024-05-16
GHSA
GHSA-m8c5-r4xh-g82f: Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 42024-05-16
CVE-2024-21831 — Uncontrolled Search Path Element | cvebase