What is CVE-2023-33878?

CVE-2023-33878 is a medium-severity vulnerability in Intel Audio_install_package, classified under CWE-249. CVSS score: 6.7/10. Published 2023-11-14.

How severe is CVE-2023-33878?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Path Traversal in Intel Audio_install_package

CVE-2023-33878

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.002 (13.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Intel Audio_install_package
Intel Nuc_p14e_laptop_element_cmcn1cc
N/a Intel(r) Nuc P14e Laptop Element Audio Install Package Software — versions before version 156 for Windows

Weakness classification (CWE)

References

secure@intel.com (Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2023-33878?: CVE-2023-33878 is a medium-severity vulnerability in Intel Audio_install_package, classified under CWE-249. CVSS score: 6.7/10. Published 2023-11-14.
How severe is CVE-2023-33878?: Medium severity. CVSS v3 base score is 6.7 out of 10.