7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intelยฎ Server Boards and Intelยฎ Server Systems Based on Intelยฎ 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
CPE | Name | Operator | Version |
---|---|---|---|
intel:server_firmware_update_utility | intel server firmware update utility | lt | 16.0.7 |
[
{
"vendor": "n/a",
"product": "System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset",
"versions": [
{
"version": "before version 16.0.7",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]