Improper Access Control in Intel OFU Software
CVE-2023-32204

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Ofu Software
Vendor: CVE Published:; 14 November 2023

What is CVE-2023-32204?

In some versions of Intel OFU software prior to 14.1.31, improper access control settings may allow an authenticated user to escalate their privileges through local access. This vulnerability could pose a security risk, enabling unauthorized actions within the system.

Affected Version(s)

Intel(R) OFU software before version 14.1.31

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
May 5, 2023