CVE-2021-0108: 
Homebrew vulnerability analysis and mitigation

An uncontrolled search path vulnerability was identified in the Intel Unite(R) Client for Windows before version 4.2.25031. The vulnerability was assigned CVE-2021-0108 and was discovered by a researcher known as Ocher. The issue was publicly disclosed on June 8, 2021, affecting Intel Unite Client installations on Windows systems (Intel Advisory).

The vulnerability is classified as an Uncontrolled Search Path Element (CWE-427). It received a CVSS v3.1 Base Score of 7.3 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and user interaction to exploit, but can result in high impacts to confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability could allow an authenticated user to escalate privileges on the affected system through local access. The high CVSS score indicates significant potential impact on system security, particularly concerning confidentiality, integrity, and availability (NVD).

Intel has addressed this vulnerability by releasing version 4.2.25031 of the Intel Unite Client for Windows. Users are advised to update to this version or later to mitigate the security risk (Intel Advisory).