CVE-2023-27505

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 11, 2023
Updated: Nov 7, 2023
CWE ID 276

Summary

CVE-2023-27505 refers to a vulnerability in some Intel(R) Advanced Link Analyzer Standard Edition software installers prior to version 22.1. This issue involves incorrect default permissions that can potentially enable privilege escalation for an authenticated user through local access. An attacker could exploit this flaw to gain heightened system privileges, leading to increased control and potential data compromise. It is recommended that affected organizations update their software installations to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share