CVE-2023-40154

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 84.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel System Usage Report
Timeline
PublishedFeb 14
Latest updateOct 23

Description

Incorrect default permissions in the Intel(R) SUR for Gameplay Software before version 2.0.1901 may allow privillaged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_sur_for_gameplay_softwarebefore version 2.0.1901

🔴Vulnerability Details

2
GHSA
GHSA-rhvg-v66x-8g6g: Incorrect default permissions in the Intel(R) SUR for Gameplay Software before version 22024-10-23
CVEList
CVE-2023-40154: Incorrect default permissions in the Intel(R) SUR for Gameplay Software before version 22024-02-14
CVE-2023-40154 (HIGH CVSS 7.8) | Incorrect default permissions in th | cvebase.io