Improper Access Control in Intel OFU Software
CVE-2023-32204

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Ofu Software
Vendor: CVE Published:; 14 November 2023

Summary

In some versions of Intel OFU software prior to 14.1.31, improper access control settings may allow an authenticated user to escalate their privileges through local access. This vulnerability could pose a security risk, enabling unauthorized actions within the system.

Affected Version(s)

Intel(R) OFU software before version 14.1.31

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
May 5, 2023