CVE-2023-22841

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 11, 2023

Updated: Nov 7, 2023

CWE ID 427

CWE ID 428

Summary

CVE-2023-22841 is a vulnerability affecting the System Firmware Update Utility (SysFwUpdt) on some Intel server boards and systems based on Intel 621A Chipset. The issue lies in an unquoted search path within the software installer, which could potentially enable an authenticated user to escalate privileges via local access. This vulnerability may pose a significant risk if exploited, and users are advised to update their systems to the latest version of SysFwUpdt as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sRa7fB
https://www.cve.org/CVERecord?id=CVE-2023-22841
https://nvd.nist.gov/vuln/detail/CVE-2023-22841

Back to Vulnerability Database

CVE-2023-22841

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations