CVE-2022-41687

Published: May 10, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Nuc P14e Laptop Element

Intel

1 product

Nuc P14e Laptop Element

Configuration A

1 vulnerable · 14 platform

Vulnerable Software	Affected Versions
Intel Nuc P14e Laptop Element	Before 1.1.44

Running on/with	Platform Versions
Microsoft Windows 10 1507	All versions
Microsoft Windows 10 1511	All versions
Microsoft Windows 10 1607	All versions
Microsoft Windows 10 1703	All versions
Microsoft Windows 10 1709	All versions
Microsoft Windows 10 1803	All versions
Microsoft Windows 10 1809	All versions
Microsoft Windows 10 1903	All versions
Microsoft Windows 10 1909	All versions
Microsoft Windows 10 2004	All versions
Microsoft Windows 10 20h2	All versions
Microsoft Windows 10 21h1	All versions
Microsoft Windows 10 21h2	All versions
Microsoft Windows 10 22h2	All versions

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CWE-277

Insecure Inherited Permissions

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html

Source: secure@intel.com

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.