Improper Authentication in Intel SUR Software
CVE-2022-32971

3.1LOW

Key Information:

Vendor: Intel
Status: Intel(r) Sur Software
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-32971?

Improper authentication in the Intel SUR software prior to version 2.4.8902 can allow a privileged user to exploit network access, potentially enabling unauthorized privilege escalation. This vulnerability highlights the importance of ensuring robust authentication mechanisms within software applications to prevent exploitation by malicious actors.

Affected Version(s)

Intel(R) SUR software before version 2.4.8902

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jun 27, 2022