MEDIUM✓ PATCH🇬🇧 English

CVE-2024-21784

CVSS 5.4v4.0pub. 2024-08-14upd. 2025-08-27

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Intel Integrated Performance Primitives Cryptography

    APP
    Intel
    < 2021.11.0
  • Intel Oneapi Base Toolkit

    APP
    Intel
    < 2024.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2022-26083HIGH7.5ten sam produkt

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021....

CVE-2023-35121HIGH7.8ten sam produkt

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) on...

CVE-2023-24592HIGH7.3ten sam produkt

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow aut...

CVE-2023-30763HIGH7.2ten sam produkt

Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to ...

CVE-2025-20079MEDIUM5.4ten sam produkt

Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to potentially ena...