#VU96034 Insecure Inherited Permissions in Intel products - CVE-2024-25561
Published: August 15, 2024
Vulnerability identifier: #VU96034
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-25561
CWE-ID: CWE-277
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel NUC M15 Laptop Kit - LAPBC710
Intel NUC M15 Laptop Kit - LAPBC510
Intel NUC M15 Laptop Kit - LAPRC710
Intel NUC M15 Laptop Kit - LAPRC510
Intel NUC X15 Laptop Kit - LAPAC71G
Intel NUC X15 Laptop Kit - LAPAC71H
Intel NUC X15 Laptop Kit - LAPKC71F
Intel NUC X15 Laptop Kit - LAPKC71E
Intel NUC X15 Laptop Kit - LAPKC51E
Intel Human Interface Device (HID) Event Filter
Intel NUC M15 Laptop Kit - LAPBC710
Intel NUC M15 Laptop Kit - LAPBC510
Intel NUC M15 Laptop Kit - LAPRC710
Intel NUC M15 Laptop Kit - LAPRC510
Intel NUC X15 Laptop Kit - LAPAC71G
Intel NUC X15 Laptop Kit - LAPAC71H
Intel NUC X15 Laptop Kit - LAPKC71F
Intel NUC X15 Laptop Kit - LAPKC71E
Intel NUC X15 Laptop Kit - LAPKC51E
Intel Human Interface Device (HID) Event Filter
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure inherited permissions, which leads to security restrictions bypass and privilege escalation.
Remediation
Install updates from vendor's website.