MEDIUM✓ PATCH🇬🇧 English

CVE-2023-33870

CVSS 6.7v3.1pub. 2024-02-14upd. 2024-11-21

Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Intel Administrative Tools For Intel Network Adapters

    APP
    Intel
    < 28.2
  • Intel Ethernet Connections Boot Utility\, Preboot Images\, And Efi Drivers

    APP
    Intel
    < 28.2
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-33058HIGH7.8ten sam produkt

Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windows...

CVE-2019-0159HIGH7.8ten sam produkt

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version ...

CVE-2022-27808MEDIUM6.3ten sam produkt

Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Win...

CVE-2022-41314MEDIUM6.7ten sam produkt

Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user t...

CVE-2021-33059MEDIUM6.7ten sam produkt

Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Window...