Uncontrolled Search Path Vulnerability in Intel GPA Framework Could Lead to Escalation of Privilege
CVE-2023-35192

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Gpa Framework Software
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-35192?

An uncontrolled search path vulnerability has been identified in certain versions of Intel's GPA Framework software. This vulnerability allows authenticated users to exploit the search path used by the application, potentially leading to local privilege escalation. Attackers leveraging this flaw could gain unauthorized access to system functions or sensitive data. It is essential for users of the affected versions to apply necessary updates and implement mitigation strategies to safeguard their systems.

Affected Version(s)

Intel(R) GPA Framework software before version 2023.3

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Oct 25, 2023