CVE-2024-21799
📋 TL;DR
This path traversal vulnerability in Intel Extension for Transformers allows authenticated local users to access files outside intended directories, potentially leading to privilege escalation. It affects users running vulnerable versions of this AI acceleration software. Attackers need local authenticated access to exploit this flaw.
💻 Affected Systems
- Intel Extension for Transformers
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Authenticated attacker gains root/system privileges, accesses sensitive system files, and potentially installs persistent malware.
Likely Case
Authenticated user escalates privileges to access restricted files or modify configurations they shouldn't have access to.
If Mitigated
Attack limited to authenticated users with proper file permissions and access controls in place.
🎯 Exploit Status
Path traversal vulnerabilities typically have low exploitation complexity once authenticated access is obtained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.5 or later
Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01190.html
Restart Required: Yes
Instructions:
1. Download Intel Extension for Transformers version 1.5 or later from official Intel sources.
2. Uninstall previous vulnerable version.
3. Install new version following Intel's installation guide.
4. Restart affected systems.
🔧 Temporary Workarounds
Restrict user access
all: Limit local user accounts that can access systems with Intel Extension for Transformers installed.
Implement strict file permissions
linux: Set restrictive permissions on Intel Extension for Transformers directories and files.
chmod 750 /path/to/intel-extension-directory
chown root:root /path/to/intel-extension-directory
🧯 If You Can't Patch
- Remove Intel Extension for Transformers from systems where it's not essential
- Implement strict access controls and monitor for suspicious file access patterns
🔍 How to Verify
Check if Vulnerable:
Check the installed version of Intel Extension for Transformers. If the version is below 1.5, the system is vulnerable.
Check Version:
python -c "import intel_extension_for_transformers; print(intel_extension_for_transformers.__version__)"
Verify Fix Applied:
Confirm Intel Extension for Transformers version is 1.5 or higher after update.
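The version check above can be scripted so that it compares versions numerically and does not import the package. This is an added example, not code from Intel or from this page. It assumes the pip distribution name `intel-extension-for-transformers`, uses a simplified version parser rather than full PEP 440, and treats pre-release builds of 1.5 as unpatched, which is a conservative assumption.

```python
import re
from importlib import metadata

DIST_NAME = "intel-extension-for-transformers"  # assumed pip distribution name
FIXED = (1, 5)                                  # "Patch Version: 1.5 or later"

_VERSION = re.compile(r"\s*v?(\d+(?:\.\d+)*)(.*)", re.S)
_PRE = re.compile(r"[.\-_]?(a|b|c|rc|alpha|beta|pre|preview|dev)\d*", re.I)


def parse(version):
    """Split a version string into (release tuple, is_pre_release)."""
    m = _VERSION.match(version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    release = [int(p) for p in m.group(1).split(".")]
    while release and release[-1] == 0:      # treat 1.5.0 as equal to 1.5
        release.pop()
    return tuple(release), bool(_PRE.match(m.group(2)))


def is_patched(version):
    """True if version is 1.5 or later, compared numerically, not as text."""
    release, pre = parse(version)
    if release == FIXED:
        return not pre      # conservative assumption: 1.5rc1 / 1.5.dev0 predate 1.5
    return release > FIXED


def installed_status():
    """Return (version or None, verdict) for the interpreter running this script."""
    try:
        # Reads package metadata only; the package's own code is never imported.
        version = metadata.version(DIST_NAME)
    except metadata.PackageNotFoundError:
        return None, "not installed"
    return version, ("1.5 or later" if is_patched(version) else "below 1.5")


if __name__ == "__main__":
    print(installed_status())
```

The result applies only to the interpreter that runs the script, so run it once per virtual environment or conda environment on the host.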
📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns in Intel Extension for Transformers directories
- Failed privilege escalation attempts
- Access to files outside expected directories
Network Indicators:
- Local authentication events followed by unusual file operations
SIEM Query:
source="system_logs" AND (process="intel_extension" OR directory="*transformers*") AND (action="access" OR action="modify") AND path NOT CONTAINS "expected_directories"