CVE-2022-45112Improper Access Control in Intel Virtual Raid ON CPU

CWE-284Improper Access Control3 documents3 sources
Severity
7.8HIGHNVD
CNA7.3
EPSS
0.1%
top 84.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Virtual Raid ON CPU
Timeline
PublishedAug 11

Description

Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDintel/virtual_raid_on_cpu< 8.0.0.4035

🔴Vulnerability Details

2
GHSA
GHSA-94xw-28m3-78q8: Improper access control in some Intel(R) VROC software before version 82023-08-11
CVEList
CVE-2022-45112: Improper access control in some Intel(R) VROC software before version 82023-08-11
CVE-2022-45112 — Improper Access Control in Intel | cvebase