Sensitive Information Exposure in Intel Optane SSD Firmware
CVE-2023-24588

5.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Optane(tm) Ssd Products
Vendor: CVE Published:; 14 November 2023

What is CVE-2023-24588?

A vulnerability in the firmware of specific Intel Optane SSD products could allow an unauthorized actor to access sensitive information if they have physical access to the device. This risk raises concerns as it may enable information disclosure without the need for authentication, posing a significant threat to data security. Users are advised to consult official sources to understand the implications and possible mitigations.

Affected Version(s)

Intel(R) Optane(TM) SSD products firmware for some Intel(R) Optane(TM) SSD products

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Mar 8, 2023