Privilege Escalation Vulnerability in Intel NUC HDMI Firmware Update Tool
CVE-2021-33090

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Hdmi Firmware Update Tool For Nuc10i3fn, Nuc10i5fn, Nuc10i7fn
Vendor: CVE Published:; 17 November 2021

What is CVE-2021-33090?

The Intel NUC HDMI Firmware Update Tool is affected by a security flaw due to incorrect default permissions in its software installer. This vulnerability may allow authenticated users to execute privilege escalation attacks through local access. Users of NUC10i3FN, NUC10i5FN, and NUC10i7FN devices must ensure they are using version 1.78.2.0.7 or later to mitigate potential risks associated with this issue.

Affected Version(s)

Intel(R) NUC HDMI Firmware Update Tool for NUC10i3FN, NUC10i5FN, NUC10i7FN before version 1.78.2.0.7

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
May 18, 2021