Lucene search

HP Product Security Response TeamHPSBHF03886

HistoryNov 20, 2023 - 12:00 a.m.

Intel Extreme Tuning Utility (XTU) November 2023 Security Update

2023-11-2000:00:00

HP Product Security Response Team

support.hp.com

intel

xtu

security

update

privilege escalation

vulnerability

platforms

software

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility (XTU) software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.

Intel has released updates to mitigate the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerabilities. See the affected platforms listed below.

Affected configurations

Vulners

Node

hpomen_gaming_hubRange<1.0.78

hphp_15-ay0xx\,_15t-ay000Range<1.0.78

hphp_pavilion_x360_14-dh0xxx\,_14t-dh000Range<1.0.78

hphp_pavilion_x360_14-dh1xxx\,_14t-dh100Range<1.0.78

hphp_pavilion_x360_14-ek0xxx\,_14t-ek000Range<1.0.78

hphp_pavilion_x360_14-ek1xxx\,_14t-ek100Range<1.0.78

hphp_15-db1xxx\,_15z-db100Range<1.0.78

hpomen_gaming_hubRange<1.0.78

hphp_17-c1000\,_17-cn1xxx\,_17t-cn100Range<1.0.78

hpomen_gaming_hubRange<1.0.78

hphp_14-ck1xxx\,_14t-ck100Range<1.0.78

hpomen_gaming_hubRange<1.0.78

hphp_17-c1000\,_17-cn1xxx\,_17t-cn100Range<1.0.78

hphp_14-dg0xxxRange<1.0.78

hpvictus_by_hp_15-fa1xxxRange<1.0.78

hpvictus_by_hp_15-fb1xxxRange<1.0.78

hpvictus_by_hp_16-d0xxxRange<1.0.78

hpvictus_by_hp_16-d1xxx\,_16t-d100Range<1.0.78

hpvictus_by_hp_16-r0xxxRange<1.0.78

hpvictus_by_hp_16-s0xxxRange<1.0.78

hphp_desktop_190-0xxxRange<1.0.78

hphp_envy_desktop_te01-1xxxRange<1.0.78

hpomen_gaming_hubRange<1.0.78

hphp_envy_desktop_te01-1xxxRange<1.0.78

hpomen_gaming_hubRange<1.0.78

CPENameOperatorVersion
omen 15-dc0xxxlt1.0.78
omen 15-dc1xxxlt1.0.78
omen 15-dc2xxx, 15t-dc200lt1.0.78
omen 15-dh0xxx, 15t-dh000lt1.0.78
omen 15-dh1xxx, 15t-dh100lt1.0.78
omen 15-ek0xxx, 15-ek000lt1.0.78
omen 15-ek1xxx, 15-ek100lt1.0.78
omen 15-en0xxx, 15z-en000lt1.0.78
omen 15-en1xxxlt1.0.78
omen 17-cb0xxx, 17t-cb000lt1.0.78

Name	Operator	Version
omen 15-dc0xxx	lt	1.0.78
omen 15-dc1xxx	lt	1.0.78
omen 15-dc2xxx, 15t-dc200	lt	1.0.78
omen 15-dh0xxx, 15t-dh000	lt	1.0.78
omen 15-dh1xxx, 15t-dh100	lt	1.0.78
omen 15-ek0xxx, 15-ek000	lt	1.0.78
omen 15-ek1xxx, 15-ek100	lt	1.0.78
omen 15-en0xxx, 15z-en000	lt	1.0.78
omen 15-en1xxx	lt	1.0.78
omen 17-cb0xxx, 17t-cb000	lt	1.0.78

Rows per page:

1-10 of 511

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for HPSBHF03886