Path Traversal Vulnerability in Intel NUC Uniwill Service Driver for M15 Laptop Kits
CVE-2023-32278

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Uniwill Service Driver For Intel(r) Nuc M15 Laptop Kits - Laprc510 & Laprc710 Uniwill Service Driver Installation Software
Vendor: CVE Published:; 14 November 2023

Summary

A path traversal vulnerability exists in the Intel NUC Uniwill Service Driver for Intel NUC M15 Laptop Kits. This issue impacts the installation software before version 1.0.1.7 of the Intel NUC Software Studio. If exploited by an authenticated user, it may allow for the escalation of privileges through local access, potentially leading to unauthorized changes in system configurations or access to sensitive data.

Affected Version(s)

Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC Software Studio

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
May 23, 2023