• EN

Intel Processor Vulnerability: CVE-2023-23583 (Intel-SA-00950) - 2023.4 IPU Out-of-Band (OOB) - Intel® Processor Advisory - Reptar

  • 15 November 2023
  • 2 comments
  • 290 views
dips
Userlevel 7
Badge +7
  • dips
  • Veeam Legend
  • 717 comments

Intel have advised there is a new vulnerability affecting their processors. It looks like there are quite a few processors affected:

CVEID: CVE-2023-23583

Description: Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

CVSS Base Score: 8.8 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html

 

I expect they will try and mitigate via a firmware or BIOS update. 

Additional info:

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk

2 comments

Chris.Childerhose
Userlevel 7
Badge +20

Wow! More intel vulnerabilities.  Thanks for sharing this Dips.  Need to inform my VMware team about this.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
TylerJurgens
Userlevel 7
Badge +6

Also co-incides with an AMD vulnerability. Interesting share, thank you!

Tyler Jurgens | Cloud Infrastructure Engineer | Veeam Legend x2 | vExpert ** | VMSP/VMTSP | VCP-2020 | VSP/VTSP | Tanzu Vanguard | VMUG Calgary Leader | VUG Canada Leader | https://explosive.cloud | @Tyler_Jurgens | BlueSky: @tylerjurgens.bsky.social

Comment


Terms & Conditions