Lucene search

K
cve[email protected]CVE-2021-33091
HistoryNov 17, 2021 - 7:15 p.m.

CVE-2021-33091

2021-11-1719:15:08
CWE-732
web.nvd.nist.gov
17
cve-2021-33091
insecure permissions
intel
nuc m15
laptop kit
audio driver
escalation of privilege
local access

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

Insecure inherited permissions in the installer for the Intel® NUC M15 Laptop Kit audio driver pack before version 1.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Vulners
NVD
Node
intelnuc_m15_laptop_kit_audio_driver_packRange<1.3

CNA Affected

[
  {
    "product": "Intel(R) NUC M15 Laptop Kit audio driver pack",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "before version 1.3"
      }
    ]
  }
]

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

Related for CVE-2021-33091