CVE-2023-32660
First published: Tue Nov 14 2023(Updated: )
Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Thunderbolt 3 Controller Firmware | <46 | |
| Intel Nuc Kit Nuc6i7kyk |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2023-32660.
What is the title of this vulnerability?
The title of this vulnerability is 'Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool i…'.
What is the description of this vulnerability?
The description of this vulnerability is 'Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege via local access.'
What software is affected by this vulnerability?
The Intel Thunderbolt 3 Controller Firmware before version 46 is affected by this vulnerability.
What is the severity of this vulnerability?
The severity of this vulnerability is high with a CVSS score of 7.3.
- collector/nvd-api
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel thunderbolt 3 controller firmware
- canonical/intel nuc kit nuc6i7kyk