7.8
CVE-2024-25561
- EPSS 0.08%
- Published 14.08.2024 14:15:22
- Last modified 25.02.2025 19:32:00
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Hid Event Filter Driver Version < 2.2.2.1
Intel ≫ Nuc M15 Laptop Kit Lapbc510 Firmware Version-
Intel ≫ Nuc M15 Laptop Kit Lapbc710 Firmware Version-
Intel ≫ Nuc M15 Laptop Kit Laprc510 Firmware Version-
Intel ≫ Nuc M15 Laptop Kit Laprc710 Firmware Version-
Intel ≫ Nuc X15 Laptop Kit Lapac71g Firmware Version-
Intel ≫ Nuc X15 Laptop Kit Lapac71h Firmware Version-
Intel ≫ Nuc X15 Laptop Kit Lapkc51e Firmware Version-
Intel ≫ Nuc X15 Laptop Kit Lapkc71e Firmware Version-
Intel ≫ Nuc X15 Laptop Kit Lapkc71f Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.254 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 5.4 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| secure@intel.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-277 Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
CWE-732 Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.