Untrusted search path in Intel products - CVE-2024-26017
Published: November 13, 2024
Vulnerability identifier: #VU100423
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-26017
CWE-ID: CWE-426
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Intel Rendering Toolkit
Intel Embree
Intel Open Path Guiding Library (Intel Open PGL)
Intel Open Image Denoise
Intel Open Volume Kernel Library
Intel OSPRay
Intel OSPRay Studio
Intel Rendering Toolkit
Intel Embree
Intel Open Path Guiding Library (Intel Open PGL)
Intel Open Image Denoise
Intel Open Volume Kernel Library
Intel OSPRay
Intel OSPRay Studio
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. A local user can gain elevated privileges on the target system.
How to mitigate CVE-2024-26017
Install updates from vendor's website.