Vulnerability Description
Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Nuc Kit Wireless Adapter Driver Installer | < 22.40.0 |
| Intel | Nuc 8 Rugged Kit Nuc8Cchkr | - |
| Intel | Nuc Board Nuc8Cchb | - |
| Intel | Nuc Kit Nuc5Pgyh | - |
| Intel | Nuc Kit Nuc5Ppyh | - |
| Intel | Nuc Kit Nuc6Cayh | - |
| Intel | Nuc Kit Nuc6Cays | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.
FAQ
What is CVE-2022-36377?
CVE-2022-36377 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to ...
How severe is CVE-2022-36377?
CVE-2022-36377 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-36377?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc Kit Wireless Adapter Driver Installer, Intel Nuc 8 Rugged Kit Nuc8Cchkr, Intel Nuc Board Nuc8Cchb, Intel Nuc Kit Nuc5Pgyh, Intel Nuc Kit Nuc5Ppyh.