Privilege Escalation Vulnerability in Intel Enpirion Digital Power Configurator
CVE-2022-25999

7.8HIGH

Key Information:

Vendor: Intel
Status: Version
Vendor: CVE Published:; 18 August 2022

What is CVE-2022-25999?

The Intel Enpirion Digital Power Configurator GUI software contains a vulnerability that could be exploited by an authenticated user to escalate privileges locally. This issue stems from an uncontrolled search path element which may allow unauthorized access to sensitive system resources, potentially compromising the integrity of the system. It is crucial for users to ensure they are aware of this vulnerability and apply necessary mitigations as outlined in Intel's advisory.

Affected Version(s)

version See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Mar 2, 2022