CVE-2022-41687

Published May 10, 2023

Last updated a year ago

CVSS high 7.8

Overview

Description: Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: secure@intel.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-276
secure@intel.com: CWE-277

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A363CE8F-F399-4B6E-9E7D-349792F95DDB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A1B570A8-ED1A-46B6-B8AB-064445F8FC4C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_2004:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4DBE5B2-AE10-4251-BCDA-DC5EDEE6EE67"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6AFD13A6-A390-4400-9029-2F4058CA17E2"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1FED4C9-B680-4F44-ADC0-AC43D6B5F184"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intel:nuc_p14e_laptop_element:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E01DB3E8-AD45-46C8-B06D-0B99E1504312",
            "versionEndExcluding": "1.1.44"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References