Driver & Support Assistant
Approved changes feed: RSS · Atom
cpe:2.3:a:intel:driver_\&_support_assistant:23.3.25.6:*:*:*:*:*:*:*
part: a version: 23.3.25.6 update: *
| Vendor | Intel (929cab12-ac81-57b7-8a87-14c6f331cefb) |
|---|---|
| Product | Driver & Support Assistant (3c175a1d-20ff-5d71-ae5b-b041278bbccc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-50197 |
vulnerable | 2026-06-08 06:16:15.661102 |
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
HIGH (7.8)
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21845.
Published: 2024-05-03T02:14:22.353Z
Updated: 2024-08-15T15:50:50.156Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42099 |
vulnerable | 2026-06-08 06:11:07.804482 |
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
HIGH (7.8)
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21846.
Published: 2024-05-03T02:13:11.158Z
Updated: 2024-08-15T15:50:14.641Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.