CVE-2023-32660

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Nov 14, 2023

Updated: Nov 20, 2023

CWE ID 427

Summary

CVE-2023-32660 is a vulnerability affecting some versions of Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool. This issue involves an uncontrolled search path during installation, which could enable an authenticated user to potentially escalate privileges locally. Successful exploitation could result in significant system compromise, making it crucial for users to install the latest version of the firmware update tool to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Intel Corp.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tZ9xgb
https://www.cve.org/CVERecord?id=CVE-2023-32660
https://nvd.nist.gov/vuln/detail/CVE-2023-32660

Back to Vulnerability Database

CVE-2023-32660

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations