Race Condition in UEFI Firmware May Enable Local Escalation of Privileges
CVE-2023-41833
7.5HIGH
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 16 September 2024
Summary
A race condition vulnerability has been identified within the UEFI firmware associated with specific Intel processors. This flaw potentially enables a privileged user to escalate privileges through local means, which could facilitate further unauthorized access and manipulation of the affected systems. Users of these Intel processors should evaluate their systems for potential exposure to this vulnerability in order to implement appropriate security measures.
Affected Version(s)
UEFI firmware for some Intel(R) processors See references
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved