SB2024062504 - Improper Neutralization in Intel Arc & Iris Xe Graphics - WHQL - Windows Drivers



SB2024062504 - Improper Neutralization in Intel Arc & Iris Xe Graphics - WHQL - Windows Drivers

Published: June 25, 2024

Security Bulletin ID SB2024062504
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper Neutralization (CVE-ID: CVE-2024-21864)

CWE-ID: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows an attacker in adjacent network to escalate privileges on the system.

The vulnerability exists due to an improper neutralization. An unauthenticated attacker can trigger the vulnerability to enable privilege escalation via adjacent network access.


Remediation

Install update from vendor's website.