PT-2024-2694 · Intel · Intel One Boot Flash Update
Aobo Wang
·
Published
2024-02-13
·
Updated
2024-10-29
·
CVE-2023-25945
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel One Boot Flash Update (OFU) versions prior to 14.1.31
Description
The issue is related to a protection mechanism failure in the Intel One Boot Flash Update (OFU) software, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could permit an attacker to increase their privileges.
Recommendations
For versions prior to 14.1.31, update to version 14.1.31 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system until the update can be applied.
Fix
Protection Mechanism Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel One Boot Flash Update