CVE-2023-27504 : Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privi

Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Published 2024-05-16 21:15:51

Updated 2024-05-17 18:36:31

Source Intel Corporation

View at NVD, CVE.org

Products affected by CVE-2023-27504

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-27504

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-27504

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N	0.8	5.8	Intel Corporation	2024-05-16
Attack Vector: Local Attack Complexity: High Privileges Required: High User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2023-27504

CWE-92

Assigned by: secure@intel.com (Secondary)

References for CVE-2023-27504

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00814.html

INTEL-SA-00814

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-27504

Products affected by CVE-2023-27504

Exploit prediction scoring system (EPSS) score for CVE-2023-27504

CVSS scores for CVE-2023-27504

CWE ids for CVE-2023-27504

References for CVE-2023-27504