7.8

CVE-2021-0064

Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelAx210 Firmware Version < 22.40
   IntelAx210 Version-
IntelAx201 Firmware Version < 22.40
   IntelAx201 Version-
IntelAx200 Firmware Version < 22.40
   IntelAx200 Version-
IntelAc 9560 Firmware Version < 22.40
   IntelAc 9560 Version-
IntelAc 9462 Firmware Version < 22.40
   IntelAc 9462 Version-
IntelAc 9461 Firmware Version < 22.40
   IntelAc 9461 Version-
IntelAc 9260 Firmware Version < 22.40
   IntelAc 9260 Version-
IntelAc 8265 Firmware Version < 22.40
   IntelAc 8265 Version-
IntelAc 8260 Firmware Version < 22.40
   IntelAc 8260 Version-
IntelAc 3168 Firmware Version < 22.40
   IntelAc 3168 Version-
Intel7265 Firmware Version < 22.40
   Intel7265 Version-
IntelAc 3165 Firmware Version < 22.40
   IntelAc 3165 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.097
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.