CVE-2023-25075
First published: Tue Nov 14 2023(Updated: )
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Server Configuration Utility | <16.0.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-25075?
CVE-2023-25075 is a vulnerability that exists in the installer for some Intel Server Configuration Utility software before version 16.0.9, which allows an authenticated user to potentially enable escalation of privilege via local access.
What is the severity of CVE-2023-25075?
The severity of CVE-2023-25075 is high, with a severity score of 7.8.
Which software versions are affected by CVE-2023-25075?
All versions of Intel Server Configuration Utility software before version 16.0.9 are affected by CVE-2023-25075.
How can an authenticated user exploit CVE-2023-25075?
An authenticated user can potentially enable escalation of privilege via local access to exploit CVE-2023-25075.
Where can I find more information about CVE-2023-25075?
You can find more information about CVE-2023-25075 in the Intel Security Advisory Intel-SA-00925 at the following link: [https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00925.html](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00925.html)
- collector/nvd-api
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel server configuration utility