#VU103966 Race condition in Intel products - CVE-2024-36262
Published: February 14, 2025
Vulnerability identifier: #VU103966
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-36262
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel System Security Report and System Resource Defense (PPAM)
11th Generation Intel Core Processors
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
10th Generation Intel Core Processors
Intel Xeon W Processor 1300 Series
13th Generation Intel Core Processors
13th Generation Intel Core i7 processors
Intel System Security Report and System Resource Defense (PPAM)
11th Generation Intel Core Processors
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
10th Generation Intel Core Processors
Intel Xeon W Processor 1300 Series
13th Generation Intel Core Processors
13th Generation Intel Core i7 processors
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition. A local administrator can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
Remediation
Install updates from vendor's website.