Main Vulnerability Database Vulnerabilities #VU76023

Untrusted search path in Pathfinder for RISC-V - CVE-2023-27386

Published: May 11, 2023

Vulnerability identifier: #VU76023

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-27386

CWE-ID: CWE-426

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Pathfinder for RISC-V

Software vendor:
Intel

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to uncontrolled search path element, which leads to security restrictions bypass and privilege escalation.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.