Lucene search
IntelCVE-2023-23577HistoryAug 11, 2023 - 3:15 a.m.
CVE-2023-23577
2023-08-1103:15:18
CWE-427
intel
web.nvd.nist.gov
16
cve-2023-23577
uncontrolled search path
ite tech
infrared drivers
intel nuc
privilege escalation
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Uncontrolled search path element for some ITE Tech consumer infrared drivers before version 5.5.2.1 for Intelยฎ NUC may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelite_tech_consumer_infrared_driverRange<5.5.2.1
intelnuc_11_enthusiast_kit_nuc11phki7cMatch-
ORintelnuc_11_enthusiast_mini_pc_nuc11phki7caaMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | ite_tech_consumer_infrared_driver | * | cpe:2.3:a:intel:ite_tech_consumer_infrared_driver:*:*:*:*:*:*:*:* |
| intel | nuc_11_enthusiast_kit_nuc11phki7c | - | cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:* |
| intel | nuc_11_enthusiast_mini_pc_nuc11phki7caa | - | cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "ITE Tech consumer infrared drivers for Intel(R) NUC",
"versions": [
{
"version": "before version 5.5.2.1",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Privilege escalation
2023-08-11 03:15:00
intel
intel
Intelยฎ NUC CID Advisory
2023-08-08 00:00:00
cvelist
cvelist
CVE-2023-23577
2023-08-11 02:37:05
nvd
nvd
CVE-2023-23577
2023-08-11 03:15:18
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVE-2023-23577