A potential security vulnerability in the Intel® Support android application may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.
CVEID: CVE-2023-27392
Description: Incorrect default permissions in the Intel® Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Intel® Support android application before version v23.02.07.
Intel recommends updating the Intel® Support android application to version v23.02.07 or later.
https://play.google.com/store/apps/details?id=com.intel.ark&pli=1
Intel would like to thank Sheikh Rishad for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.