Intel® XTU Advisory

Summary:

A potential security vulnerability in the Intel® Extreme Tuning Utility (XTU) may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2020-24480

Description: Out-of-bounds write in the Intel® XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H

Affected Products:

Intel® XTU before version 6.5.3.25.

Recommendations:

Intel recommends updating the Intel® XTU to version 6.5.3.25 or later.

Updates are available for download at this location:

<https://downloadcenter.intel.com/product/66427/Intel-Extreme-Tuning-Utility-Intel-XTU-&gt;

Acknowledgements:

The following issue was found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.