CVE-2023-27305

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 85.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel ARC A GraphicsIntel Iris XE Graphics
Timeline
PublishedNov 14

Description

Incorrect default permissions in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5intel(r)_arc(tm)_control_softwarebefore version 1.73.5335.2
NVDintel/arc_a_graphics< 31.0.101.4255
NVDintel/iris_xe_graphics< 31.0.101.4255

🔴Vulnerability Details

2
GHSA
GHSA-w7qf-3h78-55fp: Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 312023-11-14
CVEList
CVE-2023-27305: Incorrect default permissions in some Intel(R) Arc(TM) Control software before version 12023-11-14
CVE-2023-27305 (HIGH CVSS 7.8) | Incorrect default permissions in so | cvebase.io