Privilege Escalation Vulnerability in Intel Connectivity Performance Suite
CVE-2023-43747

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Connectivity Performance Suite Software Installers
Vendor: CVE Published:; 14 August 2024

What is CVE-2023-43747?

A security vulnerability exists in the Intel Connectivity Performance Suite software installers due to incorrect default permissions. This issue affects versions prior to 2.0, allowing an authenticated local user to potentially escalate their privileges. Attackers could exploit this vulnerability to gain unauthorized access to sensitive functions and data within the application, posing significant security risks. Organizations utilizing this software should assess their installations and apply necessary patches to mitigate the risk.

Affected Version(s)

Intel(R) Connectivity Performance Suite software installers before version 2.0

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Oct 5, 2023

JSON