Cyber Resilience

CVE-2024-41917

Medium

Published: 12 February 2025

Published
12 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 5.4 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0007 20.5th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-41917 is a medium-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Intel (inferred from references). Its CVSS base score is 5.4 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 20.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2024-41917 is a time-of-check time-of-use (TOCTOU) race condition vulnerability, classified under CWE-367, affecting Intel(R) Battery Life Diagnostic Tool software versions before 2.4.1. Published on 2025-02-12, it carries a CVSS v3.1 base score of 7.5 (AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H), indicating high severity with local attack vector, high attack complexity, low privileges required, user interaction needed, and changed scope leading to high impacts on confidentiality, integrity, and availability.

An authenticated user with local access and low privileges can potentially exploit this race condition to achieve escalation of privilege. The high complexity and requirement for user interaction limit feasibility, but success grants elevated access on the affected system.

Intel's security advisory INTEL-SA-01230, available at https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01230.html, addresses this issue, with mitigation via update to version 2.4.1 or later of the Intel(R) Battery Life Diagnostic Tool software.

EU & UK References

Vulnerability details

Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

TOCTOU race condition in local diagnostic tool directly enables local privilege escalation via software vulnerability exploitation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-53028Shared CWE-367
CVE-2026-41651Shared CWE-367
CVE-2026-41702Shared CWE-367
CVE-2026-27750Shared CWE-367
CVE-2026-21240Shared CWE-367
CVE-2026-45208Shared CWE-367
CVE-2024-45560Shared CWE-367
CVE-2023-20548Shared CWE-367
CVE-2024-53032Shared CWE-367
CVE-2026-20831Shared CWE-367

Affected Assets

Intel
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the TOCTOU race condition by requiring timely identification, reporting, and correction of the flaw through patching to Intel Battery Life Diagnostic Tool version 2.4.1 or later.

prevent

Limits the impact of privilege escalation from low-privilege authenticated users by ensuring processes and users operate with minimal necessary privileges.

prevent

Reduces exploitation risk by configuring systems to provide only essential capabilities and prohibiting or restricting non-essential software like the vulnerable diagnostic tool.

References