PT-2023-7428 · Intel · Intel Nuc P14E Laptop Element

Falconcorruption

Publicado

2023-05-09

Atualizado

2023-05-19

CVE-2023-27382

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel NUC P14E Laptop Element software versions prior to 1.0.0.156

Description The issue is related to incorrectly used default permissions in the Audio Service of the Intel NUC P14E Laptop Element software. This could allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to 1.0.0.156, update to version 1.0.0.156 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Audio Service to minimize the risk of exploitation.

Correção

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

BDU:2023-08467

CVE-2023-27382

Produtos afetados

Intel Nuc P14E Laptop Element

PT-2023-7428 · Intel · Intel Nuc P14E Laptop Element

CVE-2023-27382

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6