Intel Extreme Tuning Utility vulnerabilities

CVE-2024-21835 [MEDIUM] CWE-277 CVE-2024-21835: Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an a Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-32647 [MEDIUM] CWE-284 CVE-2023-32647: Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenti Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-28407 [MEDIUM] CWE-427 CVE-2023-28407: Uncontrolled search path in some Intel(R) XTU software before version 7.12.0.29 may allow an authent Uncontrolled search path in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-38561 [MEDIUM] CWE-284 CVE-2023-38561: Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenti Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-34350 [MEDIUM] CWE-427 CVE-2023-34350: Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-22139 [HIGH] CWE-427 CVE-2022-22139: Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authentic Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2020-24480 [MEDIUM] CWE-787 CVE-2020-24480: Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to poten Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.

CVE-2020-12350 [HIGH] CVE-2020-12350: Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2018-12150 [MEDIUM] CWE-119 CVE-2018-12150: Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an a Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.

CVE-2018-12149 [MEDIUM] CWE-119 CVE-2018-12149: Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authe Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access.

CVE-2018-12151 [MEDIUM] CWE-119 CVE-2018-12151: Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authentic Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access.