PT-2024-10051 · Intel · Intel Ethernet Controller Administrative Tools
Aobo Wang
·
Published
2024-05-14
·
Updated
2024-10-25
·
CVE-2024-21828
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) Ethernet Controller Administrative Tools versions prior to 28.3
Description
The issue is related to improper access control in the Intel(R) Ethernet Controller Administrative Tools software. This may allow an authenticated user to potentially enable escalation of privilege via local access. The vulnerability is associated with errors in access control.
Recommendations
For versions prior to 28.3, update to version 28.3 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Intel(R) Ethernet Controller Administrative Tools software until a patch is applied.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Ethernet Controller Administrative Tools