Description

Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Related CPE's

o

intel

nuc_kit_wireless_adapter_driver_installer

*

*

*

*

*

windows_10

Vulnerable

h

intel

nuc_8_rugged_kit_nuc8cchkr

-

h

intel

nuc_board_nuc8cchb

-

h

intel

nuc_kit_nuc5pgyh

-

h

intel

nuc_kit_nuc5ppyh

-

h

intel

nuc_kit_nuc6cayh

-

h

intel

nuc_kit_nuc6cays

-

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-427

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-427

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

6.7 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-11T16:15:15.790

2 years ago

Last modified

2025-02-04T18:15:31.320

4 months ago