CVE-2023-32658
First published: Tue Nov 14 2023(Updated: )
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Hdmi Firmware | <1.79.1.1 | |
| Intel Nuc 7 Business Nuc7i3dnhnc | ||
| Intel Nuc 7 Business Nuc7i3dnktc | ||
| Intel Nuc 7 Business Nuc7i5dnkpc | ||
| Intel Nuc 7 Business Nuc7i5dnkpu | ||
| Intel Nuc Kit Nuc7i3dnhe | ||
| Intel Nuc Kit Nuc7i3dnke | ||
| Intel Nuc Kit Nuc7i5dnhe | ||
| Intel Nuc Kit Nuc7i5dnke | ||
| Intel Nuc Kit Nuc7i7dnhe | ||
| Intel Nuc Kit Nuc7i7dnke |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-32658?
CVE-2023-32658 is a vulnerability in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 that may allow an authenticated user to potentially enable escalation of privilege via local access.
What is the severity of CVE-2023-32658?
The severity of CVE-2023-32658 is high with a severity value of 7.3.
Which software versions are affected by CVE-2023-32658?
The Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software versions before 1.79.1.1 are affected by CVE-2023-32658.
How can an authenticated user potentially enable escalation of privilege via local access with CVE-2023-32658?
An authenticated user can potentially enable escalation of privilege via local access by exploiting the unquoted search path vulnerability in the Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software.
Where can I find more information about CVE-2023-32658?
You can find more information about CVE-2023-32658 at the following link: [Intel SA-00908 Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html).
- collector/nvd-api
- agent/event
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/tags
- agent/description
- vendor/intel
- canonical/intel hdmi firmware
- canonical/intel nuc 7 business nuc7i3dnhnc
- canonical/intel nuc 7 business nuc7i3dnktc
- canonical/intel nuc 7 business nuc7i5dnkpc
- canonical/intel nuc 7 business nuc7i5dnkpu
- canonical/intel nuc kit nuc7i3dnhe
- canonical/intel nuc kit nuc7i3dnke
- canonical/intel nuc kit nuc7i5dnhe
- canonical/intel nuc kit nuc7i5dnke
- canonical/intel nuc kit nuc7i7dnhe
- canonical/intel nuc kit nuc7i7dnke