Lucene search

IntelCVELIST:CVE-2023-41092

HistoryMay 16, 2024 - 8:47 p.m.

CVE-2023-41092

2024-05-1620:47:35

CWE-252

intel

www.cve.org

cve-2023-41092

denial of service

intel

firmware

sdm

fpga

authenticated user

adjacent access

7.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Unchecked return value in SDM firmware for Intel® Stratix 10 and Intel® Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs",
    "versions": [
      {
        "version": "before version 23.3",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01007.html

7.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2023-41092