PT-2021-20047 · Intel · Intel(R) Nuc M15 Laptop Kit Keyboard Led Service

Published

2021-11-17

Updated

2021-11-19

CVE-2021-33094

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack versions prior to 1.0.0.4

Description The issue concerns insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack. This may allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to 1.0.0.4, update to version 1.0.0.4 or later to resolve the issue.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2021-33094

Affected Products

Intel(R) Nuc M15 Laptop Kit Keyboard Led Service

PT-2021-20047 · Intel · Intel(R) Nuc M15 Laptop Kit Keyboard Led Service

CVE-2021-33094

Weakness Enumeration

Related Identifiers

Affected Products

References · 4