CVE-2023-30763

2023-05-1215:15:09

CWE-787

CWE-122

[email protected]

web.nvd.nist.gov

cve-2023-30763

intel

soc watch

heap-based overflow

privilege escalation

security vulnerability

7.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Heap-based overflow in Intel® SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

Vulners

NVD

Node

intelsoc_watchRange<2021.1

CPENameOperatorVersion
intel:battery_life_diagnostic_toolintel battery life diagnostic toollt1.2
intel:oneapi_base_toolkitintel oneapi base toolkitlt2021.4.0
intel:soc_watchintel soc watchlt2021.1

CPE	Name	Operator	Version
intel:battery_life_diagnostic_tool	intel battery life diagnostic tool	lt	1.2
intel:oneapi_base_toolkit	intel oneapi base toolkit	lt	2021.4.0
intel:soc_watch	intel soc watch	lt	2021.1

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) SoC Watch based software",
    "versions": [
      {
        "version": "before version 2021.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]