CVE-2023-22841
Last modified
CVE-2023-22841 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.. EPSS estimates a 0.15% chance of exploitation in the next 30 days.
Description
Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Server Firmware Update Utility | < 16.0.7 |
References
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00830.htmlPatch, Vendor Advisory
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00830.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-22841?
How severe is CVE-2023-22841?
How do I fix CVE-2023-22841?
Are you affected by CVE-2023-22841?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST