Incorrect Default Permissions May Allow Escalation of Privilege via Local Access
CVE-2023-42668

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Onboard Video Driver Software For Intel(r) Server Boards Based On Intel(r) 62x Chipset
Vendor: CVE Published:; 16 May 2024

Summary

The vulnerability pertains to the onboard video driver software used in Intel Server Boards configured with the Intel 62X Chipset. Prior to version 1.14, this software contained incorrect default permissions, which could allow an authenticated user to exploit local access and potentially escalate their privileges within the system. This might lead to unauthorized access and control over system resources, raising serious security concerns for environments using these components. Administrators are advised to review their installations and apply necessary security patches.

Affected Version(s)

onboard video driver software for Intel(R) Server Boards based on Intel(R) 62X Chipset before version 1.14

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Sep 14, 2023