CVE-2023-40067

EUVD-2023-44674
Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.7 MEDIUM
PHYSICAL
HIGH
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
intelconverged_security_management_engine_firmware
𝑥
< 15.0.49
ADP
intelconverged_security_management_engine_firmware
𝑥
< 15.40.34
ADP
intelconverged_security_management_engine_firmware
𝑥
< 16.1.32
ADP
Common Weakness Enumeration
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html
https://security.netapp.com/advisory/ntap-20241108-0003/