CVE-2024-25561 — MEDIUM (6.7)

Q: How severe is CVE-2024-25561?

CVE-2024-25561 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-25561?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Hid Event Filter Driver, Intel Nuc M15 Laptop Kit Lapbc510 Firmware, Intel Nuc M15 Laptop Kit Lapbc510, Intel Nuc M15 Laptop Kit Lapbc710 Firmware, Intel Nuc M15 Laptop Kit Lapbc710.

Vulnerability Description

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Hid Event Filter Driver	< 2.2.2.1
Intel	Nuc M15 Laptop Kit Lapbc510 Firmware	-
Intel	Nuc M15 Laptop Kit Lapbc510	-
Intel	Nuc M15 Laptop Kit Lapbc710 Firmware	-
Intel	Nuc M15 Laptop Kit Lapbc710	-
Intel	Nuc M15 Laptop Kit Laprc510 Firmware	-
Intel	Nuc M15 Laptop Kit Laprc510	-
Intel	Nuc M15 Laptop Kit Laprc710 Firmware	-
Intel	Nuc M15 Laptop Kit Laprc710	-
Intel	Nuc X15 Laptop Kit Lapac71G Firmware	-
Intel	Nuc X15 Laptop Kit Lapac71G	-
Intel	Nuc X15 Laptop Kit Lapac71H Firmware	-
Intel	Nuc X15 Laptop Kit Lapac71H	-
Intel	Nuc X15 Laptop Kit Lapkc51E Firmware	-
Intel	Nuc X15 Laptop Kit Lapkc51E	-
Intel	Nuc X15 Laptop Kit Lapkc71E Firmware	-
Intel	Nuc X15 Laptop Kit Lapkc71E	-
Intel	Nuc X15 Laptop Kit Lapkc71F Firmware	-
Intel	Nuc X15 Laptop Kit Lapkc71F	-

Related Weaknesses (CWE)

CWE-277 CWE-732

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.Vendor Advisory

FAQ

What is CVE-2024-25561?

CVE-2024-25561 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local acce...

How severe is CVE-2024-25561?

CVE-2024-25561 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-25561?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Hid Event Filter Driver, Intel Nuc M15 Laptop Kit Lapbc510 Firmware, Intel Nuc M15 Laptop Kit Lapbc510, Intel Nuc M15 Laptop Kit Lapbc710 Firmware, Intel Nuc M15 Laptop Kit Lapbc710.