CVE-2024-22476

Published May 16, 2024

Last updated 6 months ago

CVSS critical 10.0

Overview

Description: Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.
Source: secure@intel.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

secure@intel.com: CWE-20

Hype score: Not currently trending

The vulnerability I discovered in an Intel product is currently on Spotlight list of Huntr (by Protect AI) 🥳 https://t.co/9Z08KFlwCX (CVE-2024-22476 - CVSS score: 10/10 assigned by Intel) https://t.co/tRtCs63HrQ
@xwilliwollo
Nov 2, 2024 8:16 AM
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References