CVE-2024-28047

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 12, 2025

Updated: Feb 18, 2025

CWE ID 20

Summary

CVE-2024-28047 is a newly identified vulnerability affecting certain Intel(R) Processors. The issue stems from improper input validation in the UEFI firmware, which could potentially enable information disclosure for a privileged user via local access. Successful exploitation could lead to exposure of sensitive data, posing a significant risk to system security. Intel is currently working on a patch to address this vulnerability, and users are encouraged to apply it as soon as it becomes available. Until then, it is recommended that users implement additional security measures to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3Tk3-q
https://www.cve.org/CVERecord?id=CVE-2024-28047
https://nvd.nist.gov/vuln/detail/CVE-2024-28047

Back to Vulnerability Database

CVE-2024-28047

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations