Buffer overflow in Intel Extreme Tuning Utility (XTU)

#VU50653 Buffer overflow in Intel Extreme Tuning Utility (XTU)

Published: 2021-02-11

Vulnerability identifier: #VU50653

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-24480

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Intel Extreme Tuning Utility (XTU)
Hardware solutions / Firmware

Vendor:

Description

The vulnerability allows a local user to perform a denial of servie (DoS) attack.

The vulnerability exists due to a boundary error. A local administrator can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00450.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability

Denial of service in Intel XTU