Vulnerability in Installation Software For Intel(r) Ethernet Adapter Driver Pack

CVE-2024-22376

Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.002 (4.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

  • N/a Installation Software For Intel(r) Ethernet Adapter Driver Pack — versions before version 28.3

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2024-22376?
CVE-2024-22376 is a medium-severity vulnerability in Installation Software For Intel(r) Ethernet Adapter Driver Pack, classified under Uncontrolled Search Path Element. CVSS score: 6.7/10. Published 2024-08-14.
How severe is CVE-2024-22376?
Medium severity. CVSS v3 base score is 6.7 out of 10.
Is CVE-2024-22376 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.