CVE-2022-36391

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 81.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel NUC PRO Software Suite
Timeline
PublishedMay 10

Description

Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_nuc_pro_software_suitebefore version 2.0.0.3

🔴Vulnerability Details

2
CVEList
CVE-2022-36391: Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 22023-05-10
GHSA
GHSA-xr4h-xg4j-4v8c: Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 22023-05-10
CVE-2022-36391 (HIGH CVSS 7.8) | Incorrect default permissions for t | cvebase.io