CVE-2023-28405
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Aug 11, 2023
Updated: Nov 7, 2023
CWE ID 427
Summary
CVE-2023-28405 is a vulnerability affecting the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0. This issue allows authenticated users to potentially escalate privileges through an uncontrolled search path. The toolkit fails to properly restrict the search path during execution, potentially enabling an attacker to access sensitive files or execute malicious code. This could lead to significant security implications if exploited. Users are advised to update to the latest version of OpenVINO(TM) Toolkit to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Intel Corp.