CVE-2023-38570
First published: Tue Nov 14 2023(Updated: )
Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Unison software | <20.14.5683.0 | |
| Microsoft Windows | ||
| Intel Unison software | <20.14.4244 | |
| Google Android | ||
| Intel Unison software | <20.14.2.3053 | |
| Apple iPhone OS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID of this security issue is CVE-2023-38570.
What is the title of this vulnerability?
The title of this vulnerability is 'Access of memory location after end of buffer for some Intel Unison software may allow an authentication bypass.'
What is the severity of CVE-2023-38570?
The severity of CVE-2023-38570 is high with a score of 7.8.
Which software is affected by CVE-2023-38570?
The Intel Unison software versions up to 20.14.5683.0 are affected by CVE-2023-38570.
How can an authenticated user potentially exploit this vulnerability?
An authenticated user may be able to enable escalation of privilege via local access by exploiting the memory location after the end of the buffer.
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel unison software
- vendor/microsoft
- canonical/microsoft windows
- vendor/google
- canonical/google android
- vendor/apple
- canonical/apple iphone os