SB2025052114 - Lenovo update for Intel Arc and Iris Xe Graphics software
Published: May 21, 2025
Security Bulletin ID
SB2025052114
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Neutralization (CVE-ID: CVE-2024-21864)
The vulnerability allows an attacker in adjacent network to escalate privileges on the system.
The vulnerability exists due to an improper neutralization. An unauthenticated attacker can trigger the vulnerability to enable privilege escalation via adjacent network access.
Remediation
Install update from vendor's website.