Cyber Resilience

CVE-2023-49618

High

Published: 12 February 2025

Published
12 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0006 19.9th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-49618 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Intel (inferred from references). Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 19.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2023-49618 involves improper buffer restrictions (CWE-119) in some Intel(R) System Security Report and System Resources Defense firmware. This vulnerability may allow a privileged user to potentially enable escalation of privilege via local access. It carries a CVSS v3.1 base score of 7.5, reflecting attack vector (AV:L), high attack complexity (AC:H), high privileges required (PR:H), no user interaction (UI:N), changed scope (S:C), and high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).

A privileged user with local access can exploit this vulnerability, though it requires high attack complexity. Successful exploitation could enable escalation of privilege, potentially leading to high-impact disruption across confidentiality, integrity, and availability with scope expansion beyond the vulnerable component.

Intel has issued security advisory INTEL-SA-01203 addressing this issue, available at https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01203.html, which provides details on affected products and mitigation steps.

EU & UK References

Vulnerability details

Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local memory corruption vulnerability in firmware directly enables exploitation to achieve privilege escalation from an already-privileged local context.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-47796Shared CWE-119
CVE-2026-22167Shared CWE-119
CVE-2025-15411Shared CWE-119
CVE-2026-20700Shared CWE-119
CVE-2026-3145Shared CWE-119
CVE-2024-44238Shared CWE-119
CVE-2025-15413Shared CWE-119
CVE-2026-20698Shared CWE-119
CVE-2025-13547Shared CWE-119
CVE-2025-1179Shared CWE-119

Affected Assets

Intel
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the improper buffer restrictions in Intel firmware by identifying, testing, and applying vendor patches as specified in INTEL-SA-01203.

prevent

Implements memory protections such as non-executable memory regions and address space layout randomization to block exploitation of buffer overflows leading to privilege escalation.

prevent

Enforces least privilege to restrict the scope of privileges held by local privileged users, thereby limiting the potential impact of escalation via this firmware vulnerability.

References