Improper Access Control in Intel SUR Software Affects Network Security
CVE-2022-29514

7.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Sur Software
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-29514?

The Intel SUR software prior to version 2.4.8902 suffers from an improper access control vulnerability. This flaw allows unauthenticated users to potentially escalate their privileges via network access, posing a significant risk to system integrity. For detailed information, please refer to Intel's advisory at http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html.

Affected Version(s)

Intel(R) SUR software before version 2.4.8902

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jun 27, 2022