Vulnerabilities > CVE-2023-39425 - Unspecified vulnerability in Intel Driver & Support Assistant

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

intel

NVD

Published: 2024-02-14

Updated: 2024-10-24

Summary

Improper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerable Configurations

Part	Description	Count
Application	Intel Intel Driver & Support Assistant - Intel Driver & Support Assistant 3.1.1 Intel Driver & Support Assistant 3.5.0.1 Intel Driver & Support Assistant 19.3.12.3 Intel Driver & Support Assistant 19.4.18.9 Intel Driver & Support Assistant 19.7.30.2 Intel Driver & Support Assistant 20.1.5 Intel Driver & Support Assistant 20.7.26.7 Intel Driver & Support Assistant 20.8.30.6 Intel Driver & Support Assistant 21.4.29 Intel Driver & Support Assistant 21.5.33 Intel Driver & Support Assistant 21.6.39 Intel Driver & Support Assistant 21.7.50 Intel Driver & Support Assistant 22.1.8 Intel Driver & Support Assistant 22.2.14 Intel Driver & Support Assistant 22.3.20 Intel Driver & Support Assistant 22.4.26 Intel Driver & Support Assistant 22.5.34 Intel Driver & Support Assistant 23.1.9	19

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00969.html