#VU82351 Sequence of processor instructions leads to unexpected behavior in Intel products - CVE-2023-23583

Vulnerability identifier: #VU82351

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-23583

CWE-ID: CWE-1281

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
3rd Generation Intel Xeon Scalable Processors
Intel Xeon D Processors
10th Generation Intel Core Processors
11th Generation Intel Core Processors
Intel Xeon Processors
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
Intel Xeon Scalable Processors with Intel vRAN
Intel Xeon W workstation processors
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
13th Generation Intel Core Processors
Intel Processor U-series
Intel Xeon Scalable Processors

Software vendor:
Intel

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error related to processing of Sequence of processor instructions. A local user can execute arbitrary code with elevated privileges.

Install updates from vendor's website.

• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html