Buffer Overflow Vulnerability in Intel Power Gadget Software Could Lead to Escalation of Privilege
CVE-2023-38581

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Power Gadget Software For Windows
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-38581?

A buffer overflow vulnerability has been identified in Intel Power Gadget software for Windows. This flaw may be exploited by an authenticated user with local access, potentially enabling the execution of arbitrary code that could lead to escalation of privileges. Users are advised to apply any available updates and follow best practices for securing their systems against unauthorized access. For more information, refer to the official advisory from Intel.

Affected Version(s)

Intel(R) Power Gadget software for Windows See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Nov 9, 2023