关键漏洞信息 Intel ID: INTEL-SA-01271 Advisory Category: Software Impact of Vulnerability: Escalation of Privilege Severity Rating: MEDIUM CVE ID: CVE-2024-45067 Description: Incorrect default permissions in some Intel® Gaudi® software installers before version 1.18 may allow an authenticated user to potentially enable escalation of privilege via local access. CVSS Scores: - CVSS Base Score 3.1: 8.2 High - CVSS Vector 3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H - CVSS Base Score 4.0: 5.4 Medium - CVSS Vector 4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/V:C/I:H/VA:H/SC:N/SI:N/SA:N Affected Products: Intel® Gaudi® software installer before version 1.18. Recommendation: Intel recommends updating Intel® Gaudi® software to version 1.18 or later. Updates are available for download at this location: https://vault.habana.ai/v/native/gaudi-installer Acknowledgements: Intel would like to thank Aobo Wang of Chaitin Security Research Lab for reporting this issue. Revision History: - Revision 1.0 (05/13/2025): Initial Release - Revision 1.1 (05/14/2025): Fixed severity rating