Multiple Intel Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-37027 CVSS:6.1

Intel VTune Profiler software is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-34167 CVSS:6.7

Intel Server Board S2600ST Family BIOS and Firmware Update software could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to escalate privilege.

CVE-2024-36276 CVSS:6.7

Intel CIP software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an insecure inherited permissions flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2024-36253 CVSS:6.7

Intel SDP Tool for Windows software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search paths flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2024-35201 CVSS:6.7

Intel SDP Tool for Windows software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an incorrect default permissions flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2024-37024 CVSS:6.7

Uncontrolled search path for some ACAT software maintained by Intel(R) for Windows before version 3.11.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Impact