CVE-2022-34405 | Severity.io

Description

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

Related CPE's

a

dell

realtek_high_definition_audio_driver

7

alienware_m15_ryzen_edition_r5

alienware_m15_r6

alienware_area_51m_r1

alienware_area_51m_r2

alienware_aurora_r10

alienware_aurora_r11

alienware_aurora_r12

alienware_aurora_r8

alienware_aurora_r9

alienware_m15_r1

alienware_m15_r2

alienware_m15_r3

alienware_m15_r4

alienware_m17_r1

alienware_m17_r2

alienware_m17_r3

alienware_m17_r4

alienware_aurora_r13

alienware_x15_r1

alienware_x17_r1

References

https://www.dell.com/support/kbdoc/en-us/000205721/dsa-2022-316-dell-client-security-update-for-a-realtek-high-definition-audio-driver-vulnerability

Vendor Advisory

https://www.dell.com/support/kbdoc/en-us/000205721/dsa-2022-316-dell-client-security-update-for-a-realtek-high-definition-audio-driver-vulnerability

Vendor Advisory

Weaknesses

[email protected]

Secondary

CWE-285

[email protected]

Primary

NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-26T20:15:42.883Z

3 years ago

Last modified

2024-11-21T06:09:27.440Z

1 year ago