CVE-2021-0112

CWE-4284 documents4 sources
Severity
7.3HIGH
EPSS
0.1%
top 66.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Unite
Timeline
PublishedJun 9
Latest updateMay 24

Description

Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel_unite(r)_client_for_windowsbefore version 4.2.25031
NVDintel/unite< 4.2.25031

🔴Vulnerability Details

2
GHSA
GHSA-g748-jrj6-5689: Unquoted service path in the Intel Unite(R) Client for Windows before version 42022-05-24
CVEList
CVE-2021-0112: Unquoted service path in the Intel Unite(R) Client for Windows before version 42021-06-09

📋Vendor Advisories

1
Chrome
Stable Channel Update for Desktop: CVE-2022-01122022-01-04
CVE-2021-0112 (HIGH CVSS 7.3) | Unquoted service path in the Intel | cvebase.io