CVE-2022-41687 — Insecure Inherited Permissions in Intel NUC P14e Laptop Element

CWE-277 — Insecure Inherited Permissions CWE-276 — Incorrect Default Permissions4 documents4 sources

Severity

7.8HIGHNVD

CNA6.7

EPSS

0.1%

top 81.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel NUC P14e Laptop Element

Timeline

PublishedMay 10

Latest updateSep 17

Description

Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDintel/nuc_p14e_laptop_element< 1.1.44

🔴Vulnerability Details

OSV

dcmtk vulnerabilities↗2024-09-17

▶

GHSA

GHSA-89c4-jr3c-xmfx: Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1↗2023-05-10

▶

CVEList

CVE-2022-41687: Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1↗2023-05-10

▶