Search criteria
2 vulnerabilities found for ispc_software_installer by intel
CVE-2023-27509 (GCVE-0-2023-27509)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-02 13:32
VLAI
Summary
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.
Severity
6.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- escalation of privilege
- CWE-284 - Improper access control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) ISPC software installers |
Affected:
before version 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:28:26.379048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:32:11.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) ISPC software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:11.479Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27509",
"datePublished": "2023-08-11T02:37:11.479Z",
"dateReserved": "2023-03-02T04:00:03.064Z",
"dateUpdated": "2024-10-02T13:32:11.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27509 (GCVE-0-2023-27509)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-02 13:32
VLAI
Summary
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.
Severity
6.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- escalation of privilege
- CWE-284 - Improper access control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) ISPC software installers |
Affected:
before version 1.19.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:28:26.379048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:32:11.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) ISPC software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:11.479Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27509",
"datePublished": "2023-08-11T02:37:11.479Z",
"dateReserved": "2023-03-02T04:00:03.064Z",
"dateUpdated": "2024-10-02T13:32:11.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}