Potential Escalation of Privilege Vulnerability in Intel UEFI Firmware
CVE-2023-22351

6.1MEDIUM

Key Information:

Vendor: Intel
Status: Uefi Firmware For Some Intel(r) Processors
Vendor: CVE Published:; 16 September 2024

What is CVE-2023-22351?

An out-of-bounds write vulnerability exists in the UEFI firmware for certain Intel processors. This flaw may enable a privileged user to execute unauthorized actions through local access, leading to potential escalation of privileges. Users of affected Intel products should apply available mitigations and stay informed about updates to ensure system security.

Affected Version(s)

UEFI firmware for some Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Feb 17, 2023