PT-2023-7459 · Intel+1 · Intel Scs Add-On+1
Falcon Corruption
·
Published
2023-05-10
·
Updated
2023-05-19
·
CVE-2023-22440
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) SCS Add-on software installer for Microsoft SCCM all versions
Description
The issue is related to incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could potentially be exploited by an attacker to gain elevated privileges.
Recommendations
For all versions of the Intel(R) SCS Add-on software installer for Microsoft SCCM, consider updating the permissions to prevent escalation of privilege. As a temporary workaround, restrict local access to the installer to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Scs Add-On
Sccm