Lucene search

IntelCVELIST:CVE-2023-38570

HistoryNov 14, 2023 - 7:04 p.m.

CVE-2023-38570

2023-11-1419:04:31

CWE-788

intel

www.cve.org

cve-2023-38570

memory location access

buffer overflow

privilege escalation

local access

intel unison software

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

26.1%

JSON

Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel Unison software",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html