Potential Escalation of Privilege Vulnerability in Intel Power Gadget Software for macOS
CVE-2023-40070

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Power Gadget Software For Mac OS
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-40070?

An improper access control vulnerability in the Intel Power Gadget software for macOS allows authenticated users to potentially escalate privileges through local access. This security concern emphasizes the importance of comprehensive security assessments and ongoing vigilance for users of this software. Organizations leveraging Intel Power Gadget should evaluate their usage and implement necessary security measures to mitigate any risks presented by this vulnerability.

Affected Version(s)

Intel(R) Power Gadget software for macOS See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Nov 9, 2023