A potential security vulnerability in the Intel® Connectivity Performance Suite software for some Intel® Wireless Products may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.
CVEID: CVE-2023-32279
Description: Improper access control in user mode driver for some Intel® Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Intel® Connectivity Performance Suite software before version 2.1123.214.2.
Intel recommends that users of Intel® Connectivity Performance Suite software update to the latest version provided by the system manufacturer that addresses these issues.
This issue was found internally by Intel employees. Intel would like to thank Motty Alon.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.