PT-2024-12809 · Intel · Intel Ethernet Tools/Driver Install
Falcon Corruption
+1
·
Published
2024-02-14
·
Updated
2024-10-24
·
CVE-2023-39432
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) Ethernet tools and driver install software versions prior to 28.2
Description
The issue is related to an improper access control element in some Intel(R) Ethernet tools and driver install software. This may allow an authenticated user to potentially enable escalation of privilege via local access.
Recommendations
For versions prior to 28.2, update to version 28.2 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Ethernet Tools/Driver Install