CVE-2022-36377

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs versions prior to 22.190.0.3 Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 versions prior to 22.40

Description The issue is related to insecure inherited permissions in the installation software for some Intel Wireless Adapter drivers, which may allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to 22.190.0.3, update to version 22.190.0.3 or later to resolve the issue. For versions prior to 22.40, update to version 22.40 or later to resolve the issue.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276CWE-277

Related Identifiers

CVE-2022-36377

Affected Products

Intel Nuc Kit Wireless Adapter Drivers

Intel Wireless Adapter Driver

Windows 10

CVE-2022-36377

Weakness Enumeration

Related Identifiers

Affected Products

References · 4