Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.Referenceshttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html
