CVE-2023-22311

Published: Feb 14, 2024Modified: Feb 20, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper access control in some Intel(R) Optane(TM) PMem 100 Series Management Software before version 01.00.00.3547 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Optane Persistent Memory Firmware

Intel

1 product

Optane Persistent Memory Firmware

Configuration A

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Intel Optane Persistent Memory Firmware	Before 01.00.00.3547

Running on/with	Platform Versions
Intel Nma1xxd128gpsu4	All versions
Intel Nma1xxd128gpsuf	All versions
Intel Nma1xxd256gpsu4	All versions
Intel Nma1xxd256gpsuf	All versions
Intel Nma1xxd512gpsu4	All versions
Intel Nma1xxd512gpsuf	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html

Source: secure@intel.com

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.