CVE-2023-32662

CWE-2853 documents3 sources

Severity

6.7MEDIUM

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Battery Life Diagnostic Tool

Timeline

PublishedNov 14

Description

Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may allow a privilaged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5intel_battery_life_diagnostic_tool_installation_softwarebefore version 2.2.1

▶NVDintel/battery_life_diagnostic_tool< 2.2.1

🔴Vulnerability Details

CVEList

CVE-2023-32662: Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2↗2023-11-14

▶

GHSA

GHSA-qpw8-mj26-5rc9: Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2↗2023-11-14

▶