CVE-2023-25174: 
Intel Chipset Device Software vulnerability analysis and mitigation

Improper access control in Intel(R) Chipset Driver Software before version 10.1.19444.8378 was identified as a security vulnerability. This issue was disclosed on February 14, 2024, and affects Intel's Chipset Device Software installations prior to the specified version. The vulnerability allows authenticated users with local access to potentially escalate their privileges on affected systems (NVD).

The vulnerability has been assigned CVE-2023-25174 and is classified as an improper access control issue (CWE-284). The National Vulnerability Database has assigned it a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while Intel Corporation assessed it with a score of 6.7 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H (NVD).

The vulnerability can lead to escalation of privilege on affected systems, potentially allowing authenticated users to gain higher levels of access than intended. This could compromise the confidentiality, integrity, and availability of the affected systems, as indicated by the high impact scores in the CVSS rating (NVD).

The vulnerability has been addressed in Intel(R) Chipset Driver Software version 10.1.19444.8378. Users and administrators are advised to update to this version or later to mitigate the security risk (Intel Advisory).