Insecure Inherited Permissions

CVE-2022-36377

Medium

6.7/10

Summary

Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-277 - Insecure Inherited Permissions

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

References

Advisory Timeline

Published Nov 11, 2022

Insecure Inherited Permissions

CVE-2022-36377

Summary

CWE-277 - Insecure Inherited Permissions

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS