Summaryinfo

A vulnerability identified as critical has been detected in Intel NUC7PJYH and NUC7CJYH. This issue affects some unknown processing. This manipulation causes improper authentication. The identification of this vulnerability is CVE-2023-32661. The attack can only be executed locally. There is no exploit available. You should upgrade the affected component. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Detailsinfo

A vulnerability classified as critical was found in Intel NUC7PJYH and NUC7CJYH. Affected by this vulnerability is some unknown functionality. The manipulation with an unknown input leads to a improper authentication vulnerability. The CWE definition for the vulnerability is CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.

The weakness was shared 11/14/2023 as intel-sa-00908. It is possible to read the advisory at intel.com. This vulnerability is known as CVE-2023-32661 since 06/02/2023. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 10.0.19041.29098 eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• Intel

Name

• NUC7CJYH
• NUC7PJYH

License

• commercial

Website

• Vendor: https://www.intel.com/

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion