Falcon Corruption
·
Published
2023-08-08
·
Updated
2023-08-23
·
CVE-2023-34355
6.7
Medium
| Base vector | Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Intel(R) Server Board M10JNP2SB BMC Video Driver versions prior to 3.0 for Microsoft Windows
Intel(R) Server Board M10JNP2SB BMC Video Driver versions prior to 1.13.4 for Linux
Description:
The issue is related to an uncontrolled search path element in the BMC video driver, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could permit a malicious user to execute arbitrary code.
Recommendations:
For Intel(R) Server Board M10JNP2SB BMC Video Driver versions prior to 3.0 for Microsoft Windows, update to version 3.0 or later.
For Intel(R) Server Board M10JNP2SB BMC Video Driver versions prior to 1.13.4 for Linux, update to version 1.13.4 or later.
Fix
Uncontrolled Search Path Element