Improper Access Control in Intel SUR Software Affects Network Security
CVE-2022-29514

7.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Sur Software
Vendor: CVE Published:; 16 February 2023

Summary

The Intel SUR software prior to version 2.4.8902 suffers from an improper access control vulnerability. This flaw allows unauthenticated users to potentially escalate their privileges via network access, posing a significant risk to system integrity. For detailed information, please refer to Intel's advisory at http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html.

Affected Version(s)

Intel(R) SUR software before version 2.4.8902

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jun 27, 2022