CVE-2022-38076

Опубликовано: 11 авг. 2023

Источник: nvd

CVSS3: 3.8

CVSS3: 7.8

EPSS Низкий

Описание

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

Ссылки

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/
Mailing List
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/
Mailing List

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:intel:killer:*:*:*:*:*:*:*:*

Версия до 34.22.1163 (исключая)

cpe:2.3:a:intel:proset\/wireless_wifi:*:*:*:*:*:*:*:*

Версия до 22.200 (исключая)

cpe:2.3:a:intel:uefi_firmware:*:*:*:*:*:*:*:*

Версия до 3.2.20.23023 (исключая)

Одно из

cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:killer_wireless-ac_1550:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:wireless_7265_\(rev_d\):-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00073

Низкий

3.8 Low

CVSS3

7.8 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo

Связанные уязвимости

CVE-2022-38076

CVSS3: 3.8

ubuntu

почти 2 года назад

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-38076

CVSS3: 3.8

redhat

почти 2 года назад

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-38076

CVSS3: 3.8

debian

почти 2 года назад

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Ki ...

GHSA-6cj9-745m-pp83

CVSS3: 3.8

github

почти 2 года назад

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

BDU:2023-04889

CVSS3: 7.8

fstec

почти 2 года назад

Уязвимость утилиты для подключения к сети Intel PROSet/Wireless WiFi и Killer WiFii, связанная с недостаточной проверкой входных данных, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 23%

0.00073

Низкий

3.8 Low

CVSS3

7.8 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo