CVE-2024-42492

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-427
View all →

Vulnerability Description

Uncontrolled search path element in some BIOS and System Firmware Update Package for Intel(R) Server M50FCP family before version R01.02.0002 may allow a privileged user to potentially enable escalation of privilege via local access.

Related Vulnerabilities

CVE-2017-12313

MEDIUM
CVSS:6.7(Medium)

An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if...

CWE-4272017

CVE-2017-5565

MEDIUM
CVSS:6.7(Medium)

Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a se...

CWE-4272017

CVE-2017-5566

MEDIUM
CVSS:6.7(Medium)

Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection...

CWE-4272017

CVE-2017-5567

MEDIUM
CVSS:6.7(Medium)

Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker ...

CWE-4272017

CVE-2017-6417

MEDIUM
CVSS:6.7(Medium)

Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earl...

CWE-4272017

CVE-2018-15452

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or tak...

CWE-4272018