Lucene search
IntelCVE-2023-32633HistoryMar 14, 2024 - 5:15 p.m.
CVE-2023-32633
2024-03-1417:15:50
CWE-20
intel
web.nvd.nist.gov
33
cve-2023-32633
input validation
intel
csme
installer
software
escalation of privilege
local access
nvd
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0
Percentile
9.0%
Improper input validation in the Intel® CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelconverged_security_and_manageability_engineRange<2328.5.5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | converged_security_and_manageability_engine | * | cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) CSME installer software",
"versions": [
{
"version": "before version 2328.5.5.0",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
vulnrichment
vulnrichment
CVE-2023-32633
2024-03-14 16:45:49
nvd
nvd
CVE-2023-32633
2024-03-14 17:15:50
cvelist
cvelist
CVE-2023-32633
2024-03-14 16:45:49
hp
hp
Intel 2024.1 IPU - Chipset Software March 2024 Security Update
2024-03-13 00:00:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-32633