CVE-2023-39941: 
Intel Computing Improvement Program vulnerability analysis and mitigation

CVE-2023-39941 is a security vulnerability affecting Intel(R) System Usage Report (SUR) software versions prior to 2.4.10587. The vulnerability was disclosed on February 14, 2024, and impacts the access control mechanisms of the software (NVD, Intel Advisory).

The vulnerability is classified as an improper access control issue that allows an unauthenticated user to potentially enable denial of service via adjacent access. The CVSS v3.1 base score is 6.5 (Medium) according to NIST's assessment, with a vector string of CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Intel Corporation's assessment rates it slightly higher at 7.1 (High) with a vector string of CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H (NVD).

The vulnerability can lead to denial of service when exploited by an unauthenticated user with adjacent network access. According to Intel's assessment, there is also potential for low impact on integrity (NVD).

Intel has released software updates to address this vulnerability. Users should upgrade to Intel(R) SUR software version 2.4.10587 or later to mitigate the risk (Intel Advisory).