CVE-2022-26024

CWE-2813 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 86.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
Intel Nuc7i3dnbe FirmwareIntel Nuc7i3dnhe FirmwareIntel Nuc7i3dnhnc Firmware+8 more
Timeline
PublishedNov 11

Description

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages11 packages

NVDintel/nuc7i3dnbe_firmware< 1.78.2.0.7
NVDintel/nuc7i3dnhe_firmware< 1.78.2.0.7
NVDintel/nuc7i3dnke_firmware< 1.78.2.0.7
NVDintel/nuc7i5dnbe_firmware< 1.78.2.0.7
NVDintel/nuc7i5dnhe_firmware< 1.78.2.0.7

🔴Vulnerability Details

2
GHSA
GHSA-xqmf-wf6x-2cx6: Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 12022-11-11
CVEList
CVE-2022-26024: Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 12022-11-11
CVE-2022-26024 (HIGH CVSS 7.8) | Improper access control in the Inte | cvebase.io