CVE-2023-35841

Published May 14, 2024

Last updated 6 months ago

CVSS high 7.8

Overview

Description
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.
Source
22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
CWE-732

Social media

Hype score
Not currently trending

References