7 matches found
CVE-2021-33104
CVE-2021-33104 affects Intel(R) OFU (One Boot Flash Utility) software prior to version 14.1.28. The issue is improper access control that may allow an authenticated local user to cause a denial of service. Intel’s advisory and vendor notes identify affected products as OFU software before 14.1.28...
CVE-2022-41784
Intel OFU software prior to version 14.1.30 is affected by CVE-2022-41784 due to improper access control in the kernel-mode driver, potentially enabling local privilege escalation by an authenticated user. The advisory lists a high-severity impact (CVSS v3.1: 8.8, LOCAL, Privileges Required: Low)...
CVE-2022-42465
Intel’s advisory INTEL-SA-00792 documents CVE-2022-42465: improper access control in the kernel-mode driver of Intel® OFU software prior to version 14.1.30 can allow a privileged user to escalate privileges via local access. The advisory confirms affected product: Intel® OFU software before 14.1....
CVE-2023-25945
CVE-2023-25945 affects Intel® OFU software prior to version 14.1.31. The issue is a protection mechanism failure that may allow an authenticated user to escalate privileges via local access. Impact is described as local privilege escalation with high confidentiality/integrity/availability impact ...
CVE-2023-29157
The CVE-2023-29157 issue affects Intel® OFU software prior to version 14.1.31, described as improper access control that could enable privilege escalation for an authenticated local user. The connected Intel advisory lists CVE-2023-29157 and recommends updating to version 14.1.31 or later to miti...
CVE-2023-32204
CVE-2023-32204 affects Intel® One Boot Flash Update (OFU) software prior to version 14.1.31. The underlying issue is improper access control, which may allow an authenticated user to escalate privileges via local access. Documented impact: local, high-severity privileges escalation with impact to...
CVE-2023-29161
CVE-2023-29161 concerns Intel® OFU (One Boot Flash Update) software prior to version 14.1.31. The Red Hat/RedHat-like and NVD records describe an issue of Uncontrolled search path that may allow an authenticated user to achieve privilege escalation via local access . Intel’s own advisory reiterat...