CVE-2024-36276

Published: Nov 13, 2024Modified: Feb 4, 2025

5.4

Vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: secure@intel.com (Secondary)

Description

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Computing Improvement Program

1 product

Computing Improvement Program

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Computing Improvement Program	Before 2.4.10852

Related CWEs

Insecure Inherited Permissions

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (1)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01182.html

Source: secure@intel.com

PatchVendor Advisory

Timeline

No history available yet.