CVE-2024-23489
Description
Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Uncontrolled search path in Intel VROC before 8.6.0.1191 allows authenticated local users to escalate privileges.
Vulnerability
Uncontrolled search path vulnerability in Intel(R) VROC software before version 8.6.0.1191. This occurs when the software searches for dynamic libraries in untrusted directories, allowing an authenticated user to load a malicious DLL. The code path is reachable with local access.
Exploitation
An authenticated user with local access can place a malicious file in a directory that is searched before legitimate paths. The attacker needs no special privileges beyond authentication. By triggering the vulnerable code path, the malicious file is loaded, leading to privilege escalation.
Impact
Successful exploitation allows the attacker to execute arbitrary code in the context of the system, potentially gaining elevated privileges such as SYSTEM or administrator access. This is a local escalation of privilege vulnerability.
Mitigation
Intel has released version 8.6.0.1191 to fix the issue. Users should update to this version or later. No workarounds are mentioned. The advisory from Intel is available at [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Intel/VROC softwaredescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.