Lucene search
IntelCVE-2023-32204HistoryNov 14, 2023 - 7:15 p.m.
CVE-2023-32204
2023-11-1419:15:25
CWE-284
intel
web.nvd.nist.gov
18
cve-2023-32204
intel
ofu
access control
privilege escalation
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Improper access control in some Intelยฎ OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelone_boot_flash_updateRange<14.1.31
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | one_boot_flash_update | * | cpe:2.3:a:intel:one_boot_flash_update:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) OFU software",
"versions": [
{
"version": "before version 14.1.31",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Improper access control
2023-11-14 19:15:00
cvelist
cvelist
CVE-2023-32204
2023-11-14 19:05:00
nvd
nvd
CVE-2023-32204
2023-11-14 19:15:25
vulnrichment
vulnrichment
CVE-2023-32204
2023-11-14 19:05:00
intel
intel
Intelยฎ OFU Software Advisory
2023-11-14 00:00:00
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVE-2023-32204