CVE-2024-45067 is a medium-severity vulnerability affecting Intel(R) Gaudi(R) software installers prior to version 1.18. The issue stems from incorrect default permissions set on certain installer components, which may allow an authenticated local user to escalate their privileges on the affected system. Specifically, the vulnerability requires that the attacker already has some level of authenticated access (local access with limited privileges) and can exploit the improper permission settings to gain higher privileges, potentially administrative or root-level. The vulnerability does not require network access and involves local exploitation with user interaction. The CVSS 4.0 vector indicates low attack complexity and privileges required are low, but user interaction is necessary. The impact on confidentiality, integrity, and availability is high, meaning that a successful exploit could allow an attacker to fully control the system or manipulate sensitive data. However, there are no known exploits in the wild at this time, and no patches or mitigation links have been provided yet. Intel Gaudi is a specialized AI training accelerator platform, so this vulnerability primarily affects environments using this hardware and associated software installers, typically in data centers or research institutions deploying AI workloads.

For European organizations, especially those involved in AI research, data centers, and enterprises deploying Intel Gaudi accelerators, this vulnerability poses a risk of local privilege escalation. An attacker with limited access (e.g., a low-privileged user or a compromised account) could leverage this flaw to gain administrative control over the system, potentially leading to unauthorized access to sensitive AI models, training data, or intellectual property. This could result in data breaches, disruption of AI workloads, or manipulation of AI outputs. Given the increasing adoption of AI technologies across Europe, including in countries with strong AI research sectors such as Germany, France, and the Netherlands, the impact could be significant if exploited. The vulnerability does not directly allow remote exploitation, so the threat is more relevant in environments where multiple users have local access or where attackers have already penetrated the network perimeter.

Organizations should prioritize upgrading Intel Gaudi software installers to version 1.18 or later as soon as it becomes available to address the incorrect default permissions. Until patches are released, administrators should audit and manually correct file and directory permissions related to the Gaudi software installers to ensure that only authorized users have write or execute permissions. Implement strict access controls and monitoring on systems running Gaudi software to detect unusual privilege escalation attempts. Employ the principle of least privilege for user accounts and restrict local access to trusted personnel only. Additionally, consider deploying endpoint detection and response (EDR) solutions to identify suspicious local activities. Regularly review and update security policies related to AI infrastructure and ensure that all software components are kept up to date with vendor advisories.