Potential Escalation of Privilege via Local Access
CVE-2023-35062

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Dsa Software
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-35062?

An improper access control vulnerability has been identified in Intel Data Streaming Accelerator software, allowing a privileged user the possibility to escalate their privileges through local access. This security flaw affects versions prior to 23.4.33 and poses risks that could lead to unauthorized actions within compromised systems. Users and administrators of affected Intel DSA software should implement mitigation strategies to safeguard against potential exploitation and ensure system integrity.

Affected Version(s)

Intel(R) DSA software before version 23.4.33

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Jun 22, 2023