CVE-2024-23489Uncontrolled Search Path Element in Intel Virtual Raid ON CPU

CWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.1%
top 74.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Virtual Raid ON CPU
Timeline
PublishedAug 14

Description

Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

NVDintel/virtual_raid_on_cpu< 8.6.0.1191

🔴Vulnerability Details

2
CVEList
CVE-2024-23489: Uncontrolled search path for some Intel(R) VROC software before version 82024-08-14
GHSA
GHSA-m3jp-6m8v-567g: Uncontrolled search path for some Intel(R) VROC software before version 82024-08-14
CVE-2024-23489 — Uncontrolled Search Path Element | cvebase