Uncontrolled Search Path Vulnerability in Intel Battery Life Diagnostic Tool
CVE-2023-34430

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel Battery Life Diagnostic Tool Software
Vendor: CVE Published:; 14 November 2023

Summary

The Intel Battery Life Diagnostic Tool software prior to version 2.2.1 contains a vulnerability due to an uncontrolled search path issue. This flaw could allow an authenticated user with local access to execute malicious actions that may lead to unintended escalation of privileges. Users and organizations utilizing this software are encouraged to upgrade to the latest version to mitigate any potential security risks. For more details, refer to Intel's security advisory.

Affected Version(s)

Intel Battery Life Diagnostic Tool software before version 2.2.1

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Jun 22, 2023