PT-2025-6651 · Intel · Intel Chipset Software Installation Utility

Sim0Nsecurity

Published

2025-02-11

Updated

2025-02-13

CVE-2024-36291

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) Chipset Software Installation Utility versions prior to 10.1.19867.8574

Description The issue concerns an uncontrolled search path in some Intel(R) Chipset Software Installation Utility versions. This may allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to 10.1.19867.8574, update to version 10.1.19867.8574 or later to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

BDU:2025-02220

CVE-2024-36291

Affected Products

Intel Chipset Software Installation Utility

PT-2025-6651 · Intel · Intel Chipset Software Installation Utility

CVE-2024-36291

Weakness Enumeration

Related Identifiers

Affected Products

References · 4