CVE-2024-29979

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore™ for Intel Kaby Lake, Phoenix SecureCore™ for Intel Coffee Lake, Phoenix SecureCore™ for Intel Comet Lake, Phoenix SecureCore™ for Intel Ice Lake allows Input Data Manipulation.This issue affects SecureCore™ for Intel Kaby Lake: before 4.0.1.1012; SecureCore™ for Intel Coffee Lake: before 4.1.0.568; SecureCore™ for Intel Comet Lake: before 4.2.1.292; SecureCore™ for Intel Ice Lake: before 4.2.0.334.

CVSS v3 2.3 LOW

2.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 0.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://phoenixtech.com/phoenix-security-notifications/cve-2024-29979/

Configurations

No configuration.

History

28 Jul 2025, 21:15

Type	Values Removed	Values Added
References	~~{'url': 'https://www.phoenix.com/phoenix-security-notifications/cve-2024-29979/', 'source': '22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de'}~~	() https://phoenixtech.com/phoenix-security-notifications/cve-2024-29979/ -
Summary		(es) La vulnerabilidad de verificación incorrecta de condiciones inusuales o excepcionales en Phoenix SecureCore™ para Intel Kaby Lake, Phoenix SecureCore™ para Intel Coffee Lake, Phoenix SecureCore™ para Intel Comet Lake y Phoenix SecureCore™ para Intel Ice Lake permite la manipulación de datos de entrada. Este problema afecta a SecureCore™ para Intel Kaby Lake: anterior a 4.0.1.1012; SecureCore™ para Intel Coffee Lake: anterior a 4.1.0.568; SecureCore™ para Intel Comet Lake: anterior a 4.2.1.292; SecureCore™ para Intel Ice Lake: anterior a 4.2.0.334.

14 Jan 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-14 16:15

Updated : 2025-07-28 21:15

NVD link : CVE-2024-29979

Mitre link : CVE-2024-29979

CVE.ORG link : CVE-2024-29979

JSON object : View

Products Affected

No product.

CWE

CWE-754

Improper Check for Unusual or Exceptional Conditions

{"id": "CVE-2024-29979", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 0.8}], "cvssMetricV40": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-01-14T16:15:28.423", "references": [{"url": "https://phoenixtech.com/phoenix-security-notifications/cve-2024-29979/", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de", "description": [{"lang": "en", "value": "CWE-754"}]}], "descriptions": [{"lang": "en", "value": "Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore\u2122 for Intel Kaby Lake, Phoenix SecureCore\u2122 for Intel Coffee Lake, Phoenix SecureCore\u2122 for Intel Comet Lake, Phoenix SecureCore\u2122 for Intel Ice Lake allows Input Data Manipulation.This issue affects SecureCore\u2122 for Intel Kaby Lake: before 4.0.1.1012; SecureCore\u2122 for Intel Coffee Lake: before 4.1.0.568; SecureCore\u2122 for Intel Comet Lake: before 4.2.1.292; SecureCore\u2122 for Intel Ice Lake: before 4.2.0.334."}, {"lang": "es", "value": "La vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en Phoenix SecureCore\u2122 para Intel Kaby Lake, Phoenix SecureCore\u2122 para Intel Coffee Lake, Phoenix SecureCore\u2122 para Intel Comet Lake y Phoenix SecureCore\u2122 para Intel Ice Lake permite la manipulaci\u00f3n de datos de entrada. Este problema afecta a SecureCore\u2122 para Intel Kaby Lake: anterior a 4.0.1.1012; SecureCore\u2122 para Intel Coffee Lake: anterior a 4.1.0.568; SecureCore\u2122 para Intel Comet Lake: anterior a 4.2.1.292; SecureCore\u2122 para Intel Ice Lake: anterior a 4.2.0.334."}], "lastModified": "2025-07-28T21:15:26.460", "sourceIdentifier": "22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de"}