CVE-2023-25075

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 14, 2023

Updated: Nov 28, 2023

CWE ID 428

Summary

CVE-2023-25075 is a newly disclosed vulnerability affecting the installer of some Intel Server Configuration Utility software versions prior to 16.0.9. This issue involves an unquoted search path, which can potentially be exploited by authenticated users to escalate their privileges locally. By taking advantage of this flaw, attackers could gain elevated access to the system, increasing the risk of data theft or unauthorized modifications. The vulnerability underscores the importance of keeping software up-to-date to mitigate potential security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Intel Corp.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/Staiqb2t
https://www.cve.org/CVERecord?id=CVE-2023-25075
https://nvd.nist.gov/vuln/detail/CVE-2023-25075

Back to Vulnerability Database

CVE-2023-25075

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations