Lucene search

K
zdiAnonymousZDI-23-1773
HistoryDec 13, 2023 - 12:00 a.m.

(0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability

2023-12-1300:00:00
Anonymous
www.zerodayinitiative.com
8
vulnerability
local privilege escalation
intel driver & support assistant
dsa service
symbolic link
arbitrary code
system

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.9%

This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.9%

Related for ZDI-23-1773