CVE-2023-32272

CWE-4274 documents4 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 76.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel NUC PRO Software Suite

Timeline

PublishedJan 19

Description

Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:HExploitability: 1.5 | Impact: 5.8

Affected Packages2 packages

▶CVEListV5intel_nuc_pro_software_suite_configuration_tool_software_installersbefore version 3.0.0.6

▶NVDintel/nuc_pro_software_suite3.0.0.6

🔴Vulnerability Details

GHSA

GHSA-2vwx-chw3-xxm7: Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3↗2024-01-19

▶

CVEList

CVE-2023-32272: Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3↗2024-01-19

▶

OSV

faad2 vulnerabilities↗2023-08-29

▶