CVE-2024-24986
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-24986 is a newly disclosed vulnerability affecting some Intel(R) Ethernet Network Controllers and Adapters before version 28.3. This issue involves improper access control in Linux kernel mode, which could potentially enable an authenticated user to escalate their privileges through local access. This means that an attacker with access to the system could exploit this vulnerability to gain higher levels of authority, potentially leading to unauthorized access or system manipulation. The exact methods for exploiting this vulnerability are not yet known, but affected users are urged to update their drivers to the latest version as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.