CVE-2024-28887

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024
Updated: Sep 12, 2024
CWE ID 427

Summary

CVE-2024-28887 is a recently disclosed vulnerability affecting some Intel(R) IPP software versions prior to 2021.11. This issue involves an uncontrolled search path, which can potentially be exploited by authenticated users to escalate their privileges through local access. By manipulating the search path, an attacker may be able to execute arbitrary code or gain elevated access to the system, posing a significant security risk. Intel strongly advises users to update their IPP software to the latest version to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Intel Integrated Performance Primitives

Affected Vendors

  • Intel Corp.