CVE-2023-22351

Summary

CVE-2023-22351 describes an out-of-bounds write vulnerability in the UEFI firmware of certain Intel processors, which could allow a local privileged user to escalate their privileges. This vulnerability has a medium severity rating with a CVSS base score of 6.1 and requires high privileges to exploit, indicating that it poses a significant risk if exploited in environments where local access is possible. The integrity impact is rated as high, while confidentiality impact is none, suggesting that compromised systems could be altered without detection. To remediate this vulnerability, organizations are advised to apply firmware updates provided by Intel, which can be found in their security advisory linked here. Failure to address this issue could lead to unauthorized modifications of system settings or data by users with local access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.