What is CVE-2023-22841?

CVE-2023-22841 is a medium-severity vulnerability in Intel C621a, classified under Unquoted Search Path or Element. CVSS score: 6.7/10. Published 2023-08-11.

How severe is CVE-2023-22841?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Intel C621a

CVE-2023-22841

Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated u…

EPSS: 0.002 (4.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Intel C621a
Intel Server_firmware_update_utility
N/a System Firmware Update Utility (Sysfwupdt) For Some Intel(r) Server Boards And Systems Based On 621a Chipset — versions before version 16.0.7

Weakness classification (CWE)

References

secure@intel.com (Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2023-22841?: CVE-2023-22841 is a medium-severity vulnerability in Intel C621a, classified under Unquoted Search Path or Element. CVSS score: 6.7/10. Published 2023-08-11.
How severe is CVE-2023-22841?: Medium severity. CVSS v3 base score is 6.7 out of 10.