A potential security vulnerability in the Intel® Easy Streaming Wizard software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® Easy Streaming Wizard software.
CVEID: CVE-2023-26587
Description: Improper input validation for the Intel® Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Intel® Easy Streaming Wizard software all versions.
Intel has issued a Product Discontinuation notice for the Intel® Easy Streaming Wizard software and recommends that users of the Intel® Easy Streaming Wizard software uninstall it or discontinue use at their earliest convenience.
Intel would like to thank Aobo Wang of Chaitin Security Research Lab for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.