HIGH✓ PATCH🇬🇧 English

CVE-2023-27298

CVSS 8.8v3.1pub. 2023-05-10upd. 2024-11-21

Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Intel Wake Up Latency Tracer

    APP
    Intel
    < 1.0.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2017-5689CRITICAL9.8⚠ KEVten sam vendor

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...

CVE-2024-23497CRITICAL9.3PL ✓ten sam vendor

Out-of-bounds write w sterowniku Linux dla Intel Ethernet 800 Series — privilege escalation

CVE-2024-23981CRITICAL9.3PL ✓ten sam vendor

Błąd wrap-around w sterowniku Intel Ethernet 800 — privilege escalation