Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-34405
HistoryJan 26, 2023 - 9:15 p.m.

CVE-2022-34405

2023-01-2621:15:42
CWE-285
[email protected]
web.nvd.nist.gov
22
improper access control
vulnerability
realtek audio driver
local authenticated user
privilege escalation

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

Affected configurations

NVD
Node
dellrealtek_high_definition_audio_driverRange<6.0.9433.1
AND
dellalienware_m15_ryzen_edition_r5Match-
OR
dellg15_5515Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9400.1
AND
dellalienware_m15_r6Match-
OR
dellg15_5510Match-
OR
dellg15_5511Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9394.1
AND
dellalienware_area_51m_r1Match-
OR
dellalienware_area_51m_r2Match-
OR
dellalienware_aurora_r10Match-
OR
dellalienware_aurora_r11Match-
OR
dellalienware_aurora_r12Match-
OR
dellalienware_aurora_r8Match-
OR
dellalienware_aurora_r9Match-
OR
dellalienware_m15_r1Match-
OR
dellalienware_m15_r2Match-
OR
dellalienware_m15_r3Match-
OR
dellalienware_m15_r4Match-
OR
dellalienware_m17_r1Match-
OR
dellalienware_m17_r2Match-
OR
dellalienware_m17_r3Match-
OR
dellalienware_m17_r4Match-
OR
dellg5_5000Match-
OR
dellg5_5090Match-
OR
dellg5_5590Match-
OR
dellg7_7590Match-
OR
dellg7_7790Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9407.1
AND
dellg7_7500Match-
OR
dellg7_7700Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9388.1
AND
dellalienware_aurora_r13Match-
OR
dellalienware_x15_r1Match-
OR
dellalienware_x17_r1Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9254.1
AND
dellg3_3590Match-
Node
dellrealtek_high_definition_audio_driverRange<6.0.9422.1
AND
dellg3_3500Match-
OR
dellg5_5500Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Alienware m15 Ryzen Edition R5",
      "Alienware m15 R6",
      "Dell G5 5090",
      "Dell G5 5000",
      "Alienware Area 51m R2",
      "Dell G7 7500",
      "Dell G7 7700",
      "Alienware x15 R1",
      "Alienware x17 R1",
      "Alienware m15 R1",
      "Alienware m17 R1",
      "Dell Gaming G3 3590",
      "Dell G3 3500",
      "Dell G5 5500",
      "Alienware Area 51m R1",
      "Alienware Aurora R8",
      "Dell G15 5515",
      "Dell G15 5510",
      "Dell G15 5511",
      "Alienware Aurora R10",
      "Alienware Aurora R9",
      "Alienware Aurora R11",
      "Alienware Aurora R12",
      "Alienware m15 R3",
      "Alienware m15 R4",
      "Alienware m17 R3",
      "Alienware m17 R4",
      "Dell G5 5590",
      "Dell G7 7590",
      "Dell G7 7790",
      "Alienware Aurora R13",
      "Alienware m15 R2",
      "Alienware m17 R2"
    ],
    "product": "CPG Drivers",
    "vendor": "Dell",
    "versions": [
      {
        "status": "unaffected",
        "version": "6.0.9433.1"
      },
      {
        "status": "unaffected",
        "version": "6.0.9400.1"
      },
      {
        "status": "unaffected",
        "version": "6.0.9394.1"
      },
      {
        "status": "unaffected",
        "version": "1.37.275.0"
      },
      {
        "status": "unaffected",
        "version": "6.0.9407.1"
      },
      {
        "status": "unaffected",
        "version": "6.0.9388.1"
      },
      {
        "status": "unaffected",
        "version": "6.0.9254.1"
      },
      {
        "status": "unaffected",
        "version": "6.0.9422.1"
      }
    ]
  }
]

Related

nvd 1
prion 1
cvelist 1
nvd
nvd
CVE-2022-34405
2023-01-26 21:15:42
prion
prion
Improper access control
2023-01-26 21:15:00
cvelist
cvelist
CVE-2022-34405
2023-01-25 16:15:43

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2022-34405
nvd1prion1cvelist1