Potential Escalation of Privilege Vulnerability in Intel BIOS Guard
CVE-2023-27504

7.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) BiOS Guard Firmware
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-27504?

A vulnerability exists in Intel BIOS Guard firmware due to improper conditions check. This flaw may enable a privileged user to escalate their privileges through local access. Affected systems could be vulnerable to unauthorized access, allowing attackers with local access to potentially exploit this issue to gain elevated privileges. System administrators are advised to review the implicated firmware versions and apply necessary patches to safeguard against this risk.

Affected Version(s)

Intel(R) BIOS Guard firmware See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
May 6, 2023