Описание
Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.10.3 (исключая)
Одновременно
cpe:2.3:a:intel:usb_type_c_power_delivery_controller:*:*:*:*:*:windows:*:*
Одно из
cpe:2.3:h:intel:nuc_8_business_nuc8i7hnkqc:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_enthusiast_nuc8i7hvkva:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_enthusiast_nuc8i7hvkvaw:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hvk:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
6.7 Medium
CVSS3
7.3 High
CVSS3
Дефекты
CWE-249
CWE-22
Связанные уязвимости
CVSS3: 6.7
github
около 2 лет назад
Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
EPSS
Процентиль: 27%
0.00096
Низкий
6.7 Medium
CVSS3
7.3 High
CVSS3
Дефекты
CWE-249
CWE-22