Insecure Inherited Permissions in Intel NUC Watchdog Timer Software
CVE-2022-33898

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Watchdog Timer Installation Software
Vendor: CVE Published:; 14 November 2023

Summary

The Intel NUC Watchdog Timer installation software versions prior to 2.0.21.0 contains a vulnerability due to insecure inherited permissions. This security flaw can be exploited by an authenticated user with local access, potentially allowing them to escalate privileges. This issue underscores the importance of proper permission management to secure systems against unauthorized access and privilege escalation.

Affected Version(s)

Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Jun 19, 2022