CVE-2022-38076
Severity
7.8HIGH
EPSS
0.1%
top 74.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 11
Description
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:NExploitability: 2.0 | Impact: 1.4
Affected Packages5 packages
Also affects: Debian Linux 10.0, Fedora 37, 38, 39
Patches
🔴Vulnerability Details
3CVEList▶
CVE-2022-38076: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable esc↗2023-08-11
OSV▶
CVE-2022-38076: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable esc↗2023-08-11
GHSA▶
GHSA-6cj9-745m-pp83: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable esc↗2023-08-11