Lucene search
IntelCVE-2022-42465HistoryMay 10, 2023 - 2:15 p.m.
CVE-2022-42465
2023-05-1014:15:22
CWE-284
intel
web.nvd.nist.gov
20
cve-2022-42465
intel
ofu
driver
privilege escalation
vulnerability
CVSS3
7.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Improper access control in kernel mode driver for the Intel® OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelone_boot_flash_updateRange<14.1.30
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | one_boot_flash_update | * | cpe:2.3:a:intel:one_boot_flash_update:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) OFU software",
"versions": [
{
"version": "before version 14.1.30",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2022-42465
2023-05-10 13:17:11
nvd
nvd
CVE-2022-42465
2023-05-10 14:15:22
prion
prion
Improper access control
2023-05-10 14:15:00
intel
intel
Intel® OFU Software Advisory
2023-05-09 00:00:00
CVSS3
7.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVE-2022-42465