PRIOn knowledge basePRION:CVE-2022-27635Improper access control
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%
Improper access control for some Intelยฎ PROSet/Wireless WiFi and Killerโข WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| fedora | eq | 37 | |
| fedora | eq | 38 | |
| fedora | eq | 39 | |
| killer | lt | 34.22.1163 | |
| proset\\/wireless_wifi | lt | 22.200 | |
| uefi_firmware | lt | 3.2.20.23023 |
References
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html
lists.debian.org/debian-lts-announce/2023/09/msg00043.html
lists.fedoraproject.org/archives/list/[email protected]/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/
lists.fedoraproject.org/archives/list/[email protected]/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/
lists.fedoraproject.org/archives/list/[email protected]/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/
Related
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.4%