CVE-2020-0559

CWE-732Incorrect Permission AssignmentCWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 92.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Intel AC 3165 FirmwareIntel AC 3168 FirmwareIntel AC 7265 Firmware+9 more
Timeline
PublishedAug 13
Latest updateMay 24

Description

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages12 packages

CVEListV5intel(r)_proset/wireless_wifi_advisoryBefore version 21.40.5.1
NVDintel/ax200_firmware< 21.40.5.1
NVDintel/ax201_firmware< 21.40.5.1
NVDintel/ac_3165_firmware< 21.40.5.1
NVDintel/ac_3168_firmware< 21.40.5.1

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-8c6v-63hp-qhf2: Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 82022-05-24
CVEList
CVE-2020-0559: Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 82020-08-13
CVE-2020-0559 (HIGH CVSS 7.8) | Insecure inherited permissions in s | cvebase.io