Potential Escalation of Privilege Vulnerability in Intel GPA Framework Software Installers
CVE-2023-43748

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Gpa Framework Software Installers
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-43748?

An improper access control vulnerability exists in the Intel GPA Framework software installers that may allow an authenticated user to enable privilege escalation through local access. This issue affects installations prior to version 2023.3, potentially exposing systems to risks by permitting elevated permissions that should not be accessible to regular users. This type of vulnerability emphasizes the importance of stringent access controls within software deployment processes to mitigate unauthorized actions.

Affected Version(s)

Intel(R) GPA Framework software installers before version 2023.3

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Oct 12, 2023