Privilege escalation in Intel processors
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-23583 |
| CWE-ID | CWE-1281 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
3rd Generation Intel Xeon Scalable Processors Hardware solutions / Firmware Intel Xeon D Processors Hardware solutions / Firmware 10th Generation Intel Core Processors Hardware solutions / Firmware 11th Generation Intel Core Processors Hardware solutions / Firmware Intel Xeon Processors Hardware solutions / Firmware 4th Generation Intel Xeon Scalable Processors Hardware solutions / Firmware 4th Generation Intel Xeon Platinum processors Hardware solutions / Firmware 4th Generation Intel Xeon Gold Processors Hardware solutions / Firmware 4th Generation Intel Xeon Silver Processors Hardware solutions / Firmware 4th Generation Intel Xeon Bronze Processors Hardware solutions / Firmware Intel Xeon Scalable Processors with Intel vRAN Hardware solutions / Firmware Intel Xeon W workstation processors Hardware solutions / Firmware 12th Generation Intel Core Processors Hardware solutions / Firmware Intel Pentium Gold Processor Series Hardware solutions / Firmware Intel Celeron Processors Hardware solutions / Firmware 13th Generation Intel Core Processors Hardware solutions / Firmware Intel Processor U-series Hardware solutions / Firmware Intel Xeon Scalable Processors Hardware solutions / Other hardware appliances |
| Vendor | Intel |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Sequence of processor instructions leads to unexpected behavior
EUVDB-ID: #VU82351
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23583
CWE-ID:
CWE-1281 - Sequence of Processor Instructions Leads to Unexpected Behavior
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an error related to processing of Sequence of processor instructions. A local user can execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versions3rd Generation Intel Xeon Scalable Processors: All versions
Intel Xeon D Processors: All versions
10th Generation Intel Core Processors: All versions
11th Generation Intel Core Processors: All versions
Intel Xeon Processors: All versions
4th Generation Intel Xeon Scalable Processors: All versions
4th Generation Intel Xeon Platinum processors: All versions
4th Generation Intel Xeon Gold Processors: All versions
4th Generation Intel Xeon Silver Processors: All versions
4th Generation Intel Xeon Bronze Processors: All versions
Intel Xeon Scalable Processors with Intel vRAN: All versions
Intel Xeon Scalable Processors: All versions
Intel Xeon W workstation processors: All versions
12th Generation Intel Core Processors: All versions
Intel Pentium Gold Processor Series: All versions
Intel Celeron Processors: All versions
13th Generation Intel Core Processors: All versions
Intel Processor U-series: All versions
External linkshttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
