CVE-2024-45067 is a vulnerability identified in Intel(R) Gaudi(R) software installers prior to version 1.18, caused by incorrect default permissions set during installation. These improper permissions allow an authenticated user with local access and low privileges to escalate their privileges on the affected system. The vulnerability is classified as an escalation of privilege (EoP) issue, meaning an attacker who already has some level of access can leverage this flaw to gain higher-level privileges, potentially administrative or root-level. The CVSS 4.0 base score is 5.4 (medium severity), reflecting that exploitation requires local access (AV:L), low attack complexity (AC:L), and privileges (PR:L), with user interaction (UI:A) necessary. The impact on confidentiality, integrity, and availability is high (VC:H, VI:H, VA:H), indicating that successful exploitation could lead to significant compromise of system security. No network vector or scope change is involved, so the vulnerability is confined to the local system context. The flaw stems from default permission settings in the installer software, which may allow unauthorized modification or execution of privileged components. Intel Gaudi processors and software are specialized AI accelerators used in data centers and AI workloads, making this vulnerability relevant to organizations deploying AI infrastructure. No known exploits have been reported in the wild, but the presence of local privilege escalation can facilitate further attacks if combined with other vulnerabilities or insider threats.

The primary impact of CVE-2024-45067 is the potential for an authenticated local user to escalate privileges, which can lead to full system compromise. This can result in unauthorized access to sensitive data, modification or deletion of critical files, and disruption of AI workloads running on affected systems. For organizations deploying Intel Gaudi accelerators in data centers or AI research environments, this vulnerability could undermine the security of AI model training and inference processes, potentially exposing intellectual property or sensitive operational data. The requirement for local access limits the attack surface to environments where multiple users share systems or where attackers have gained initial footholds with limited privileges. However, once exploited, the attacker could gain administrative control, enabling persistence, lateral movement, or deployment of further malware. The vulnerability could also affect supply chain security if compromised systems are used to build or deploy AI models. Given the growing adoption of AI accelerators globally, the impact could be significant in sectors such as technology, finance, healthcare, and government research.

To mitigate CVE-2024-45067, organizations should immediately update Intel Gaudi software installers to version 1.18 or later, where the permission issues have been corrected. In addition, administrators should audit and harden local file and directory permissions associated with the installer and installed components to ensure that only authorized users have write or execute access. Employing the principle of least privilege for all users on systems running Intel Gaudi software is critical to reduce the risk of exploitation. Monitoring and logging local user activities can help detect suspicious privilege escalation attempts. For environments with shared access, consider isolating AI workloads on dedicated systems or using containerization to limit the impact of potential compromises. Regularly review and apply security patches from Intel and maintain an inventory of affected systems to prioritize remediation. Finally, implement endpoint detection and response (EDR) solutions capable of identifying unusual privilege escalation behaviors on local hosts.