← Back

One Boot Flash Update

one_boot_flash_update

Vendor: Intel • 7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-25945
1Intel
1One Boot Flash Update
Nov 21, 2024
Feb 14, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32204
1Intel
1One Boot Flash Update
Nov 21, 2024
Nov 14, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-29161
1Intel
1One Boot Flash Update
Nov 21, 2024
Nov 14, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-29157
1Intel
1One Boot Flash Update
Nov 21, 2024
Nov 14, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-42465
1Intel
1One Boot Flash Update
Nov 21, 2024
May 10, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-41784
1Intel
1One Boot Flash Update
Nov 21, 2024
May 10, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access
CVE-2021-33104
1Intel
1One Boot Flash Update
Nov 21, 2024
Feb 16, 2023
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access.