Physical Access Vulnerability Affects Intel CSME Firmware
CVE-2023-40067

5.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Csme
Vendor: CVE Published:; 14 August 2024

What is CVE-2023-40067?

A flaw in the firmware of Intel's Converged Security Management Engine (CSME) poses a significant risk, as it allows for unchecked return values. This vulnerability can potentially enable an unauthenticated user to exploit physical access to escalate privileges within the affected systems. As the attacker may initiate unauthorized actions, immediate updates and security measures are advisable for users of impacted Intel CSME firmware to safeguard their systems against potential threats. For detailed information, refer to the Intel security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Intel(R) CSME See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Oct 5, 2023

JSON

Intel

What is CVE-2023-40067?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.