Mohammed

**Name of the Vulnerable Software and Affected Versions** Intel Ethernet Adapter Complete Driver Pack versions (affected versions not specified) Intel(R) Ethernet Connection I219-LM (affected versions not specified) **Description** The issue is related to an uncontrolled search path element in the installer for Intel Ethernet Adapter Complete Driver Pack for the Windows operating system. This could potentially allow an authenticated user to escalate their privileges via local access. **Recommendations** For Intel Ethernet Adapter Complete Driver Pack, consider restricting access to the installer until a patch is available. For Intel(R) Ethernet Connection I219-LM, as a temporary workaround, consider disabling the installation software until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel Server Configuration Utility versions prior to 16.0.9 **Description** The issue is related to an unquoted search path in the installer for some Intel Server Configuration Utility software. This may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 16.0.9, update to version 16.0.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) QAT drivers for Windows - HW Version 2.0 versions prior to 2.0.4 **Description** The issue is related to an uncontrolled search path element in some Intel(R) QAT drivers for Windows, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For Intel(R) QAT drivers for Windows - HW Version 2.0 versions prior to 2.0.4, update to version 2.0.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset versions prior to 16.0.7 **Description** The issue is related to an unquoted search path in the software installer, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could potentially impact Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset. **Recommendations** For versions prior to 16.0.7, update to version 16.0.7 or later to resolve the issue. As a temporary workaround, consider restricting local access to the System Firmware Update Utility (SysFwUpdt) to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Intel(R) VCUST Tool versions prior to those downloaded on February 3rd, 2023 **Description** The issue is related to an uncontrolled search path element in the Intel(R) VCUST Tool software. This may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For Intel(R) VCUST Tool versions prior to those downloaded on February 3rd, 2023, update to a version downloaded on or after February 3rd, 2023, to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) RST software versions prior to 16.8.5.1014.5 Intel(R) RST software versions prior to 17.11.3.1010.2 Intel(R) RST software versions prior to 18.7.6.1011.2 Intel(R) RST software versions prior to 19.5.2.1049.5 **Description** The issue is related to an uncontrolled search path in some Intel(R) RST software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 16.8.5.1014.5, update to version 16.8.5.1014.5 or later. For versions prior to 17.11.3.1010.2, update to version 17.11.3.1010.2 or later. For versions prior to 18.7.6.1011.2, update to version 18.7.6.1011.2 or later. For versions prior to 19.5.2.1049.5, update to version 19.5.2.1049.5 or later.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC Pro Software Suite versions prior to 2.0.0.3 **Description** The issue is related to incorrect default permissions in the Intel(R) NUC Pro Software Suite, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2.0.0.3, update to version 2.0.0.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC Pro Software Suite versions prior to 2.0.0.3 **Description** The issue concerns insecure inherited permissions that may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2.0.0.3, update to version 2.0.0.3 or later to resolve the issue.