July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Google Chrome Vulnerabilities
August 1, 2024Facebook Ads Redirect Users to Phishing Websites to Steal Credit Card Details
August 1, 2024Multiple Google Chrome Vulnerabilities
August 1, 2024Facebook Ads Redirect Users to Phishing Websites to Steal Credit Card Details
August 1, 2024
Severity
Medium
Analysis Summary
CVE-2023-25073 CVSS:5.5
Intel Driver & Support Assistant (DSA) software is vulnerable to a denial of service, caused by improper access control. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-38566 CVSS:6.7
Intel Implicit SPMD Program Compiler (ISPC) software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. By placing a malicious file in the service path, an attacker could exploit this vulnerability to gain higher privileges on the system.
CVE-2023-24591 CVSS:7.3
Intel Binary Configuration Tool software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. By placing a malicious file in the service path, an attacker could exploit this vulnerability to gain higher privileges on the system.
CVE-2023-33870 CVSS:6.7
Intel Ethernet tools and driver install software could allow a local authenticated attacker to gain elevated privileges on the system, caused by insecure inherited permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2023-25073
- CVE-2023-38566
- CVE-2023-24591
- CVE-2023-33870
Affected Vendors
Intel
Affected Products
- Intel Ethernet tools and driver install software 28.1
- Intel Ethernet tools and driver install software 28.0
- Intel Driver and Support Assistant (DSA) 22.5.33
- Intel Driver and Support Assistant (DSA) 22.5.34
- Intel Driver and Support Assistant (DSA) 22.6.39
- Intel Driver and Support Assistant (DSA) 22.6.42
- Intel Driver and Support Assistant (DSA) 22.8.50
- Intel Driver and Support Assistant (DSA) 23.1.9
- Intel Driver and Support Assistant (DSA) 23.2.17
- Intel Driver and Support Assistant (DSA) 23.3.25
- Intel Implicit SPMD Program Compiler (ISPC) 1.20.0
- Intel Implicit SPMD Program Compiler (ISPC) 1.19.0
- Intel Implicit SPMD Program Compiler (ISPC) 1.18.1
- Intel Implicit SPMD Program Compiler (ISPC) 1.17.0
- Intel Implicit SPMD Program Compiler (ISPC) 1.16.1
- Intel Implicit SPMD Program Compiler (ISPC) 1.16.0
- Intel Binary Configuration Tool 3.4.3
- Intel Binary Configuration Tool 3.4.2
- Intel Binary Configuration Tool 3.4.1
- Intel Binary Configuration Tool 3.4.0
- Intel Binary Configuration Tool 3.3.1
- Intel Binary Configuration Tool 3.3.0
- Intel Binary Configuration Tool 3.2.2
- Intel Binary Configuration Tool 3.2.0
- Intel Driver and Support Assistant (DSA) 22.7.44
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.