First published: Tue Nov 14 2023(Updated: )
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel One Boot Flash Update | <14.1.31 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-29161 is a vulnerability in some Intel(R) OFU software before version 14.1.31 that may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-29161 has a severity rating of 7.8 (high).
CVE-2023-29161 affects Intel One Boot Flash Update software versions up to and excluding 14.1.31.
An authenticated user with local access can potentially exploit CVE-2023-29161 to enable escalation of privilege.
Yes, upgrading to version 14.1.31 or newer of Intel(R) OFU software will address the vulnerability.