CVE-2020-12346

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 88.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Battery Life Diagnostic Tool
Timeline
PublishedNov 12
Latest updateMay 24

Description

Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 1.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_battery_life_diagnostic_toolbefore version 1.0.7

🔴Vulnerability Details

2
GHSA
GHSA-pp63-2w5w-85jc: Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 12022-05-24
CVEList
CVE-2020-12346: Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 12020-11-12
CVE-2020-12346 (HIGH CVSS 7.8) | Improper permissions in the install | cvebase.io