Main Vulnerability Database Vulnerabilities #VU101928

#VU101928 Untrusted search path in Intel Graphics Driver for Windows - CVE-2024-38387

Published: December 27, 2024

Vulnerability identifier: #VU101928

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-38387

CWE-ID: CWE-426

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Intel Graphics Driver for Windows

Software vendor:
Intel

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path in Intel Graphics Driver installer. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability. The vendor has discontinued support for Intel Graphics Drivers for versions 15.40 and 15.45.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01191.html

#VU101928 Untrusted search path in Intel Graphics Driver for Windows - CVE-2024-38387

Description

Remediation

External links

Please verify you're human