CVE-2024-42492

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Feb 12, 2025

CWE ID 427

Summary

CVE-2024-42492 is a newly identified vulnerability affecting the Intel(R) Server M50FCP family's BIOS and System Firmware Update Package before version R01.02.0002. This issue involves an uncontrolled search path element, giving privileged users the potential to escalate their privileges via local access. Successful exploitation could enable attackers to gain elevated system access, potentially leading to serious security implications. Users are strongly advised to update their BIOS and System Firmware as soon as patches become available to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xxN4mK
https://www.cve.org/CVERecord?id=CVE-2024-42492
https://nvd.nist.gov/vuln/detail/CVE-2024-42492

Back to Vulnerability Database

CVE-2024-42492

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations