What is CVE-2023-32278?

CVE-2023-32278 is a medium-severity vulnerability in Intel Nuc_m15_laptop_kit_evo_laprc510, classified under CWE-249. CVSS score: 6.7/10. Published 2023-11-14.

How severe is CVE-2023-32278?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Path Traversal in Intel Nuc_m15_laptop_kit_evo_laprc510

CVE-2023-32278

Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC Software Studio may allow an authentic…

EPSS: 0.002 (12.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Intel Nuc_m15_laptop_kit_evo_laprc510
Intel Nuc_m15_laptop_kit_evo_laprc710
Intel Nuc_m15_laptop_kit_laprc510
Intel Nuc_m15_laptop_kit_laprc710
Intel Nuc_uniwill_service_driver
N/a Intel(r) Nuc Uniwill Service Driver For M15 Laptop Kits - Laprc510 & Laprc710 Installation Software — versions before version 1.0.1.7 for Intel(R) NUC Software Studio

Weakness classification (CWE)

References

secure@intel.com (Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2023-32278?: CVE-2023-32278 is a medium-severity vulnerability in Intel Nuc_m15_laptop_kit_evo_laprc510, classified under CWE-249. CVSS score: 6.7/10. Published 2023-11-14.
How severe is CVE-2023-32278?: Medium severity. CVSS v3 base score is 6.7 out of 10.