Intel SDP Tool <1.4build5: Local PrivEsc via Improper Default Permissions
CVE-2023-31246 Published on August 11, 2023

Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access.

NVD

Vulnerability Analysis

CVE-2023-31246 is exploitable with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

Products Associated with CVE-2023-31246

Want to know whenever a new CVE is published for Intel Server Debug Provisioning Tool? stack.watch will email you.

Intel Server Debug Provisioning Tool

Exploit Probability

EPSS

0.06%

Percentile

18.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Intel SDP Tool <1.4build5: Local PrivEsc via Improper Default PermissionsCVE-2023-31246 Published on August 11, 2023

Vulnerability Analysis

Weakness Type

Incorrect Default Permissions

Products Associated with CVE-2023-31246

Exploit Probability

Intel SDP Tool <1.4build5: Local PrivEsc via Improper Default Permissions
CVE-2023-31246 Published on August 11, 2023