Potential Privilege Escalation Vulnerability in Intel(R) SUR for Gameplay Software
CVE-2023-40154

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Sur For Gameplay Software
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-40154?

The vulnerability presents an issue with the default permissions set in Intel's SUR for Gameplay Software, prior to version 2.0.1901. This design flaw may permit a privileged user to exploit local access, allowing for the potential escalation of permissions. Implementing updates and reviewing permission settings are recommended to mitigate associated risks.

Affected Version(s)

Intel(R) SUR for Gameplay Software before version 2.0.1901

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Sep 7, 2023