Potential Escalation of Privilege Vulnerability in Intel SSU Software
CVE-2023-40156

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Ssu Software
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-40156?

An improper search path element issue in Intel System Support Utility (SSU) software versions prior to 3.0.0.2 could allow an authenticated user to potentially escalate privileges via local access. This vulnerability may pose significant risks, as it could lead to unauthorized access and manipulation of sensitive data on affected systems. Users are strongly advised to update to the latest version of the software to mitigate this risk.

Affected Version(s)

Intel(R) SSU software before version 3.0.0.2

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Sep 14, 2023