CVE-2023-43489: 
Intel Computing Improvement Program vulnerability analysis and mitigation

A vulnerability in Intel(R) Computing Improvement Program (Intel(R) CIP) software before version 2.4.10717 has been identified. The vulnerability involves improper access control that could allow an authenticated user to potentially enable denial of service through local access (Intel Advisory, NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. Additionally, it received a CVSS v4.0 score of 6.8 (Medium) with the vector string CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N. The vulnerability is classified under CWE-284 (Improper Access Control) (Intel Advisory, NVD).

The vulnerability affects the availability of the system, potentially enabling denial of service attacks when successfully exploited. The impact is limited to availability with no direct effect on confidentiality or integrity (Intel Advisory).

Intel recommends updating Intel CIP software to version 2.4.10717 or later to address this vulnerability. Updates are available for download from Intel's support website (Intel Advisory).

Intel has acknowledged the contribution of security researcher ycdxsb for reporting this issue. The company follows the Coordinated Disclosure practice, where cybersecurity vulnerabilities are publicly disclosed only after mitigations are available (Intel Advisory).