MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-28172

CVSS 5.4v4.0pub. 2024-08-14upd. 2024-09-06

Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Intel Oneapi Hpc Toolkit

    APP
    Intel
    < 2024.1.0
  • Intel Trace Analyzer And Collector

    APP
    Intel
    < 2022.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-35121HIGH7.8ten sam produkt

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) on...

CVE-2023-24592HIGH7.3ten sam produkt

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow aut...

CVE-2023-23569HIGH7.8ten sam produkt

Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 pu...

CVE-2020-24485HIGH7.8ten sam produkt

Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an a...

CVE-2017-5682HIGH7.3ten sam produkt

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier...