CVE-2023-34997

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 14, 2023

Updated: Nov 21, 2023

CWE ID 732

CWE ID 277

Summary

CVE-2023-34997 is a vulnerability affecting the installer of certain Intel Server Configuration Utility software versions prior to 16.0.9. This issue involves insecure inherited permissions, enabling an authenticated user with local access to potentially escalate privileges. By exploiting this weakness, an attacker could gain elevated system access, increasing the risk of unauthorized system modifications or data exfiltration. Organizations are strongly encouraged to update their installers to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Intel Corp.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlEof
https://www.cve.org/CVERecord?id=CVE-2023-34997
https://nvd.nist.gov/vuln/detail/CVE-2023-34997

Back to Vulnerability Database

CVE-2023-34997

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations