Lucene search

K
intel
Intel Security CenterINTEL:INTEL-SA-00653
HistoryAug 09, 2022 - 12:00 a.m.

Intel® Edge Insights for Industrial Advisory

2022-08-0900:00:00
Intel Security Center
www.intel.com
18

Summary:

Potential security vulnerabilities in the Intel® Edge Insights for Industrialsoftwaremay allow escalation of privilege or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities.

Vulnerability Details:

** **CVEID: CVE-2022-22730

Description: Improper authentication in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L****

CVEID: CVE-2022-25966****

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2022-21148****

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 5.2 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N****

CVEID: CVE-2022-21152

Description: Improper access control in the Intel® Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 3.3 Low

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

Intel® Edge Insights for Industrial software before version 2.6.1.

Recommendations:

Intel recommends updating the Intel® Edge Insights for Industrial software to version 2.6.1 or later.****

Updates are available for download at this location: <https://github.com/open-edge-insights/&gt;

Acknowledgements:

These issues were found internally by Intel.****

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Be first who know about 0-days in popular software

Do not waste time on finding information in tons of articles. Subscribe yourself and your colleagues on news and articles about products you need and you use!

Subscribe on news
Related for INTEL:INTEL-SA-00653