CVE-2023-34440

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 12, 2025

CWE ID 20

Summary

CVE-2023-34440 is a vulnerability affecting certain Intel(R) Processors. The issue resides in the UEFI firmware's input validation mechanism. An attacker with local privileges can exploit this weakness and potentially escalate their access, elevating their system permissions. This input validation flaw may pose a significant risk if left unaddressed, allowing malicious actors to gain unwarranted control over affected systems. Intel is strongly urged to release a patch to mitigate this issue promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzabhZ
https://www.cve.org/CVERecord?id=CVE-2023-34440
https://nvd.nist.gov/vuln/detail/CVE-2023-34440

Back to Vulnerability Database

CVE-2023-34440

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations