CVE-2023-28714: 
Intel PROSet/Wireless WiFi Software vulnerability analysis and mitigation

Improper access control vulnerability (CVE-2023-28714) was discovered in Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix). The vulnerability was disclosed on August 8, 2023, affecting Intel PROSet/Wireless WiFi software installations on Windows systems (Intel Advisory, NVD).

The vulnerability is classified as an improper access control issue (CWE-284) with a CVSS v3.1 base score of 6.7 (MEDIUM) according to NVD, while Intel rates it at 8.2 (HIGH). The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating local access is required with high privileges, but no user interaction is needed (NVD).

If exploited, this vulnerability could allow a privileged user to potentially enable escalation of privilege via local access. The vulnerability affects confidentiality, integrity, and availability of the system, all rated as High impact according to the CVSS metrics (NVD).

Intel has released version 22.220 HF (Hot Fix) of the PROSet/Wireless WiFi software for Windows to address this vulnerability. Users are advised to update to this version or later to mitigate the security risk (Intel Advisory).