Uncontrolled Search Path Vulnerability in Intel Server Board M10JNP2SB Video Drivers
CVE-2023-34355

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Server Board M10jnp2sb Integrated Bmc Video Drivers
Vendor: CVE Published:; 11 August 2023

What is CVE-2023-34355?

The vulnerability in Intel's Server Board M10JNP2SB integrated BMC video drivers prior to version 3.0 for Microsoft Windows and version 1.13.4 for Linux allows authenticated users to exploit the uncontrolled search path element. This flaw may enable local users to escalate their privileges, potentially gaining unauthorized access to system resources. It is crucial for users and system administrators to apply the latest driver updates to safeguard against potential exploitation.

Affected Version(s)

Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2023
Vulnerability Reserved
Jun 6, 2023