CVE-2021-0077

CWE-732Incorrect Permission AssignmentCWE-2813 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 88.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Vtune Profiler
Timeline
PublishedJun 9
Latest updateMay 24

Description

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDintel/vtune_profiler< 2021.1.1
CVEListV5intel(r)_vtune(tm)_profilerbefore version 2021.1.1

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-p4hj-vwj4-2jj3: Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 20212022-05-24
CVEList
CVE-2021-0077: Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 20212021-06-09
CVE-2021-0077 (HIGH CVSS 7.8) | Insecure inherited permissions in t | cvebase.io