Potential Escalation of Privilege Vulnerability in Intel UEFI Firmware
CVE-2023-22351

6.9MEDIUM

Key Information:

Vendor: Intel
Status: Uefi Firmware For Some Intel(r) Processors
Vendor: CVE Published:; 16 September 2024

What is CVE-2023-22351?

An out-of-bounds write vulnerability exists in the UEFI firmware for certain Intel processors. This flaw may enable a privileged user to execute unauthorized actions through local access, leading to potential escalation of privileges. Users of affected Intel products should apply available mitigations and stay informed about updates to ensure system security.

Affected Version(s)

UEFI firmware for some Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Feb 17, 2023

JSON