Uncontrolled Search Path Vulnerability in Intel CIP Software Could Lead to Escalation of Privilege
CVE-2023-35769

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-35769?

An uncontrolled search path vulnerability in Intel CIP software versions prior to 2.4.10577 enables authenticated users to leverage local access for potential privilege escalation. This flaw can be exploited by users with legitimate access, posing a significant risk to system security and integrity. Users are advised to review Intel's advisory for necessary mitigation strategies and further information.

Affected Version(s)

Intel(R) CIP software before version 2.4.10577

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Aug 1, 2023