Analysis Summary

CVE-2024-39813 CVSS:6.7

Intel EPCT software could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path.

CVE-2024-21830 CVSS:6.7

Intel VPL software could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path.

CVE-2024-31153 CVSS:5

Intel QuickAssist Technology software is vulnerable to a denial of service, caused by improper input validation.

CVE-2023-32277 CVSS:6.1

Intel QuickAssist Technology software could allow a local authenticated attacker to obtain sensitive information, caused by untrusted pointer dereference in I/O subsystem.

CVE-2024-29223 CVSS:6.7

Intel QuickAssist Technology software could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path.

Impact

• Privilege Escalation
• Denial of Service
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-39813

• CVE-2024-21830

• CVE-2024-31153

• CVE-2023-32277

• CVE-2024-29223

Affected Vendors

Affected Products

• Intel EPCT software
• Intel Video Processing Library (VPL) software
• Intel QuickAssist Technology software

Remediation

Upgrade to the latest version, available from the Intel Website.

CVE-2024-39813

CVE-2024-21830

CVE-2024-31153

CVE-2023-32277

CVE-2024-29223