CVE-2024-23974

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Aug 14, 2024
CWE ID 276

Summary

CVE-2024-23974 is a newly identified vulnerability affecting some Intel(R) ISH software installers. The issue stems from incorrect default permissions that can potentially enable privilege escalation for authenticated users via local access. This means an attacker with access to the affected system could exploit this vulnerability to gain higher-level permissions, increasing the risk of data theft or unauthorized system modifications. Users are advised to install the latest software updates from Intel to mitigate this risk. The exact impact of this vulnerability depends on the specific version and configuration of the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share