CVE-2024-22476

CRITICAL NUCLEI

Intel Neural Compressor <2.5.0 - SQL Injection

Title source: nuclei

Exploitation Summary

CVE-2024-22476 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access.

Nuclei Templates (1)

Intel Neural Compressor <2.5.0 - SQL Injection

CRITICALby ritikchaddha

References (1)

Core 1

Core References

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html

Scores

CVSS v3 10.0

EPSS 0.3359

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-20

Status published

Products (1)

n/a/Intel(R) Neural Compressor software before version 2.5.0

Published May 16, 2024

Tracked Since Feb 18, 2026