Severity
Medium
Analysis Summary
CVE-2024-48869 CVSS:6.1
Intel Xeon 6 processor with E-cores could allow a local authenticated attacker to gain elevated privileges on the system
CVE-2024-47795 CVSS:6.7
Intel oneAPI DPC++/C++ Compiler software could allow a local authenticated attacker to gain elevated privileges on the system, caused by a vulnerability of an uncontrolled search path
CVE-2024-47550 CVSS:6.7
Intel Endurance Gaming Mode software installers could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect default permissions.
CVE-2024-43420 CVSS:5.6
Multiple Intel processors could allow a local authenticated attacker to obtain sensitive information, caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors. An attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-39833 CVSS:6.7
Intel QAT software could allow a local authenticated attacker to gain elevated privileges on the system, caused by a vulnerability of an uncontrolled search path.
CVE-2024-28036 CVSS:5.6
Intel Arc GPU is vulnerable to a denial of service, caused by improper condition check. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Privilege Escalation
- Information Disclosure
- Denial of Service
Indicators of Compromise
CVE
CVE-2024-48869
CVE-2024-47795
CVE-2024-47550
CVE-2024-43420
CVE-2024-39833
CVE-2024-28036
Affected Vendors
Affected Products
- Intel Xeon 6 processor with E-cores
- Intel Endurance Gaming Mode software
- Intel Graphics Driver software
- Intel Core i4-11500T Processor
- Intel Core i7-11700T Processor
- Intel Core i5-11400T Processor
- Intel QAT software
- Intel Arc GPU A-Series
- Intel Arc Pro A-series graphics
- Intel oneAPI DPC++/C++ Compiler software
Remediation
Upgrade to the latest version of Intel, available from the Intel Website.