CVE-2023-40067

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Aug 14, 2024
CWE ID 252

Summary

CVE-2023-40067 is a vulnerability affecting some Intel(R) CSME firmware. It allows an unauthenticated user, with physical access, to potentially escalate privileges due to an unchecked return value in the firmware. This issue could enable attackers to gain elevated access to the system, posing a significant risk to security. The vulnerability can be exploited through direct manipulation of the hardware, making it crucial for affected organizations to apply appropriate patches as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share