A potential security vulnerability in the Intel® Extreme Tuning Utility (XTU) may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability.
CVEID: CVE-2020-24480
Description: Out-of-bounds write in the Intel® XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H
Intel® XTU before version 6.5.3.25.
Intel recommends updating the Intel® XTU to version 6.5.3.25 or later.
Updates are available for download at this location:
<https://downloadcenter.intel.com/product/66427/Intel-Extreme-Tuning-Utility-Intel-XTU->
The following issue was found internally by Intel employees.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.