Falconcorruption

**Nome do software vulnerável e versões afetadas** Software Intel(R) RAID Web Console em todas as versões **Descrição** O problema está relacionado a um controle de acesso inadequado no software Intel(R) RAID Web Console, o que pode permitir que um usuário autenticado potencialmente consiga escalar privilégios por meio de acesso local. Isso poderia permitir que um usuário mal-intencionado elevasse seus privilégios. **Recomendações** Para todas as versões do software Intel(R) RAID Web Console, considere restringir o acesso local ao software até que uma correção esteja disponível. Como solução alternativa temporária, limite os privilégios dos usuários autenticados para minimizar o risco de exploração. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Intel(R) UEFI Integrator Tools no Aptio V para Intel(R) NUC (versões afetadas não especificadas) **Descrição** O problema está relacionado a um controle de acesso inadequado no Intel(R) UEFI Integrator Tools no Aptio V para Intel(R) NUC, o que pode permitir que um usuário autenticado potencialmente consiga escalar privilégios por meio de acesso local. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Intel(R) ISPC software installers versions prior to 1.19.0 **Description** The issue is related to improper access control in some Intel(R) ISPC software installers, which may allow an authenticated user to potentially enable escalation of privileges via local access. **Recommendations** For versions prior to 1.19.0, update to version 1.19.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue concerns an installer that loads or executes files using an unconstrained search path, making it potentially vulnerable to attacks where an attacker's files are loaded or executed instead of the intended files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue arises when the installation directory lacks sufficiently restrictive file permissions, allowing an attacker to modify files and execute malicious code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue arises when the directory containing the installer lacks sufficiently restrictive file permissions, allowing an attacker to modify or replace the installer and execute malicious code. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC Pro Software Suite versions prior to 2.0.0.3 **Description** The issue is related to improper access control, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2.0.0.3, update to version 2.0.0.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC P14E Laptop Element software for Windows 10 versions prior to 1.1.44 **Description** The issue is related to an uncontrolled search path element in the HotKey Services, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 1.1.44, update to version 1.1.44 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel NUC P14E Laptop Element software versions prior to 1.0.0.156 **Description** The issue is related to incorrectly used default permissions in the Audio Service of the Intel NUC P14E Laptop Element software. This could allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 1.0.0.156, update to version 1.0.0.156 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Audio Service to minimize the risk of exploitation.