CVE-2023-25174

CWE-284Improper Access Control3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 79.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Chipset Device Software
Timeline
PublishedFeb 14
Latest updateJan 7

Description

Improper access control in some Intel(R) Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_chipset_driver_softwarebefore version 10.1.19444.8378
NVDintel/chipset_device_software< 10.1.19444.8378

🔴Vulnerability Details

2
GHSA
GHSA-h53h-w5f8-j3p6: Improper access control in some Intel(R) Chipset Driver Software before version 102025-01-07
CVEList
CVE-2023-25174: Improper access control in some Intel(R) Chipset Driver Software before version 102024-02-14
CVE-2023-25174 (HIGH CVSS 7.8) | Improper access control in some Int | cvebase.io