Vulnerabilities > CVE-2023-28385 - Unspecified vulnerability in Intel Next Unit of Computing Firmware

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

intel

NVD

Published: 2023-08-11

Updated: 2023-11-07

Summary

Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Next Unit OF Computing Firmware *	1
OS	Microsoft Microsoft Windows -	1

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00868.html