March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple IBM Products Vulnerabilities
February 4, 2025Google Releases Patches for 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
February 4, 2025Multiple IBM Products Vulnerabilities
February 4, 2025Google Releases Patches for 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
February 4, 2025
Severity
Medium
Analysis Summary
CVE-2024-28881 CVSS:6.7
Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-29083 CVSS:6.7
Intel Distribution for Python Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect default permissions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to escalate privilege.
CVE-2024-34028 CVSS:6.7
Intel Graphics Offline Compiler for OpenCL Code software for Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to escalate privilege.
CVE-2024-32044 CVSS:6.8
Intel Arc Pro Graphics could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper access control. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to escalate privilege.
CVE-2024-34164 CVSS:6.7
Intel MAS software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path element flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-32048 CVSS:6.5
Intel Distribution of OpenVINO Model Server is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Privilege Escalation
- Denial of Service
Indicators of Compromise
CVE
CVE-2024-28881
CVE-2024-29083
CVE-2024-34028
CVE-2024-32044
CVE-2024-34164
CVE-2024-32048
Affected Vendors
Intel
Affected Products
- Intel Fortran Compiler Classic Software
- Intel Distribution for Python Software
- Intel Graphics Offline Compiler
- Intel OpenCL Code software for Windows
- Intel Arc Pro Graphics for Windows
- Intel MAS software
- Intel Distribution of OpenVINO Model Server software
Remediation
Refer to INTEL Security Advisory for patch, upgrade, or suggested workaround information.