Improper Access Control in Intel Battery Life Diagnostic Tool
CVE-2022-38786

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel Battery Life Diagnostic Tool Software
Vendor: CVE Published:; 14 November 2023

What is CVE-2022-38786?

Improper access control in the Intel Battery Life Diagnostic Tool software prior to version 2.2.1 may allow an authenticated user to escalate privileges through local access. This vulnerability highlights the importance of stringent access control measures to protect sensitive functionalities in software applications. For more information, please refer to the official advisory.

Affected Version(s)

Intel Battery Life Diagnostic Tool software before version 2.2.1

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Sep 28, 2022