Privilege Escalation Vulnerability in Intel System Security Report Firmware
CVE-2023-48267

8.6HIGH

Key Information:

Vendor: Intel
Status: Intel(r) System Security Report And System Resources Defense Firmware
Vendor: CVE Published:; 12 February 2025

What is CVE-2023-48267?

A vulnerability exists in Intel's System Security Report and System Resources Defense firmware due to improper buffer restrictions. This flaw may allow a privileged user to escalate privileges via local access, potentially compromising the system's integrity and security. Prompt attention and updates to the affected firmware products are recommended to mitigate this risk.

Affected Version(s)

Intel(R) System Security Report and System Resources Defense firmware See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Nov 28, 2023