Input validation error in Intel products - CVE-2023-49615
Published: February 14, 2025
Vulnerability identifier: #VU103964
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Clear
CVE-ID: CVE-2023-49615
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Intel System Security Report and System Resource Defense (PPAM)
11th Generation Intel Core Processors
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
10th Generation Intel Core Processors
Intel System Security Report and System Resource Defense (PPAM)
11th Generation Intel Core Processors
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
10th Generation Intel Core Processors
Detailed vulnerability description
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input. A local administrator can pass specially crafted input to the application and gain elevated privileges on the system.
How to mitigate CVE-2023-49615
Install updates from vendor's website.