Improper Access Control in Intel Advisor Software Affects Users
CVE-2021-23152

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Advisor Software
Vendor: CVE Published:; 9 February 2022

Summary

The Intel Advisor software, prior to version 2021.2, has been identified with a flaw related to improper access control mechanisms. This vulnerability allows an authenticated user to leverage local access to potentially escalate their privileges. Proper safeguards may not be in place to regulate access, resulting in unintended permissions that can be exploited. Users are advised to upgrade to a patched version to mitigate the risk.

Affected Version(s)

Intel(R) Advisor software before version 2021.2

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2022
Vulnerability Reserved
Dec 9, 2021