Lucene search

[email protected]CVE-2022-40971

HistoryMay 10, 2023 - 2:15 p.m.

CVE-2022-40971

2023-05-1014:15:14

CWE-276

[email protected]

web.nvd.nist.gov

cve-2022-40971

intel

hdmi

firmware

update tool

nuc

privilege escalation

local access

security vulnerability

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Incorrect default permissions for the Intel® HDMI Firmware Update Tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Vulners

NVD

Node

intelnuc_hdmi_firmware_update_toolRange<1.79.1.1

CPENameOperatorVersion
intel:nuc_hdmi_firmware_update_toolintel nuc hdmi firmware update toollt1.79.1.1

CPE	Name	Operator	Version
intel:nuc_hdmi_firmware_update_tool	intel nuc hdmi firmware update tool	lt	1.79.1.1

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) HDMI Firmware Update Tool for NUC",
    "versions": [
      {
        "version": "before version 1.79.1.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00833.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2022-40971

cvelist1 nvd1 prion1 intel1