CVE-2023-24591

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Feb 14, 2024
CWE ID 427

Summary

CVE-2023-24591 is a vulnerability affecting some versions of Intel(R) Binary Configuration Tool software. This issue involves an uncontrolled search path that could allow an authenticated user to potentially escalate privileges locally by manipulating the tool's configuration files. Successful exploitation could result in elevated access to system resources, increasing the attacker's ability to cause damage or gain deeper access to the affected system. Users are advised to update to the latest version, 3.4.4, to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share