CVE-2023-34355

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 11, 2023
Updated: Nov 7, 2023
CWE ID 427

Summary

CVE-2023-34355 is a newly identified vulnerability affecting some Intel(R) Server Board M10JNP2SB integrated BMC video drivers. The issue stems from an uncontrolled search path element found in these drivers. This weakness could potentially allow authenticated users to escalate their privileges, either on Microsoft Windows or Linux platforms, through local access. The vulnerability exists before version 3.0 for Windows and before version 1.13.4 for Linux. Users are urged to update their drivers to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share