CVE-2024-29979

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Manipulation.This issue affects SecureCore™ for Intel Kaby Lake: before 4.0.1.1012; SecureCore™ for Intel Coffee Lake: before 4.1.0.568; SecureCore™ for Intel Comet Lake: before 4.2.1.292; SecureCore™ for Intel Ice Lake: before 4.2.0.334.

CVSS v3 2.3 LOW

2.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 0.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.phoenix.com/phoenix-security-notifications/cve-2024-29979/

Configurations

No configuration.

History

14 Jan 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-14 16:15

Updated : 2025-01-14 16:15

NVD link : CVE-2024-29979

Mitre link : CVE-2024-29979

CVE.ORG link : CVE-2024-29979

JSON object : View

Products Affected

No product.

CWE

CWE-754

Improper Check for Unusual or Exceptional Conditions

{"id": "CVE-2024-29979", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 0.8}], "cvssMetricV40": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 4.6, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "vulnerableSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2025-01-14T16:15:28.423", "references": [{"url": "https://www.phoenix.com/phoenix-security-notifications/cve-2024-29979/", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "description": [{"lang": "en", "value": "CWE-754"}]}], "descriptions": [{"lang": "en", "value": "Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore\u2122 for Intel Kaby Lake, Phoenix SecureCore\u2122 for Intel Coffee Lake, Phoenix SecureCore\u2122 for Intel Comet Lake, Phoenix SecureCore\u2122 for Intel Ice Lake allows Input Data Manipulation.This issue affects SecureCore\u2122 for Intel Kaby Lake: before 4.0.1.1012; SecureCore\u2122 for Intel Coffee Lake: before 4.1.0.568; SecureCore\u2122 for Intel Comet Lake: before 4.2.1.292; SecureCore\u2122 for Intel Ice Lake: before 4.2.0.334."}], "lastModified": "2025-01-14T16:15:28.423", "sourceIdentifier": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de"}