Potential Escalation of Privilege via Local Access in Intel Chipset Driver Software
CVE-2023-28739

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Chipset Driver Software
Vendor: CVE Published:; 14 February 2024

Summary

The Intel Chipset Driver Software prior to version 10.1.19444.8378 contains incorrect default permissions, which may allow an authenticated user to escalate privileges through local access. This vulnerability can enable unauthorized users to manipulate system privileges, leading to potential risks in system security management. Intel provides detailed security advisory for remediation and updates on this issue.

Affected Version(s)

Intel(R) Chipset Driver Software before version 10.1.19444.8378

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Mar 29, 2023