CVE-2023-32641Improper Input Validation in Intel Quickassist Technology

CWE-20Improper Input Validation3 documents3 sources
Severity
8.8HIGHNVD
CNA7.3
EPSS
0.1%
top 74.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Quickassist Technology
Timeline
PublishedNov 14

Description

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDintel/quickassist_technology< 1.0.40-00004

🔴Vulnerability Details

2
CVEList
CVE-2023-32641: Improper input validation in firmware for Intel(R) QAT before version QAT202023-11-14
GHSA
GHSA-fx6p-v7mp-pw72: Improper input validation in firmware for Intel(R) QAT before version QAT202023-11-14
CVE-2023-32641 — Improper Input Validation in Intel | cvebase