CVE-2023-46691Use After Free in Intel Power Gadget

CWE-416Use After Free3 documents3 sources
Severity
7.8HIGHNVD
CNA7.9
EPSS
0.1%
top 71.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Power Gadget
Timeline
PublishedMay 16

Description

Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDintel/power_gadget< 3.6.0

🔴Vulnerability Details

2
GHSA
GHSA-rc4w-w44g-cc33: Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privileg2024-05-16
CVEList
CVE-2023-46691: Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privileg2024-05-16
CVE-2023-46691 — Use After Free in Intel Power Gadget | cvebase