Stack-BufferOverflow & PrivEsc in Intel TAC <2021.8.0
CVE-2023-23580 Published on May 10, 2023
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
Vulnerability Analysis
CVE-2023-23580 is exploitable with local system access, requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2023-23580 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2023-23580
stack.watch emails you whenever new vulnerabilities are published in Intel Trace Analyzer And Collector or Intel Oneapi Hpc Toolkit. Just hit a watch button to start following.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.