Untrusted search path in ITE Tech consumer infrared drivers (CID) - CVE-2023-23577
Published: August 10, 2023
ITE Tech consumer infrared drivers (CID)
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
How to mitigate CVE-2023-23577
Intel recommends updating ITE Tech consumer infrared drivers to version 5.5.2.1 or later for Intel® NUC.
Updates are available for download at this location: