Insufficient Control Flow Management in Intel Battery Life Diagnostic Tool
CVE-2022-36278

8.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Battery Life Diagnostic Tool Software
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-36278?

The Intel Battery Life Diagnostic Tool prior to version 2.2.0 is susceptible to a vulnerability due to insufficient control flow management, allowing an authenticated user to exploit this weakness. This can potentially enable local privilege escalation, which may compromise system integrity and security. Users are advised to review their deployment of the affected software to mitigate risks.

Affected Version(s)

Intel(R) Battery Life Diagnostic Tool software before version 2.2.0

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jul 23, 2022