Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-27298

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-10 May, 2023 | 13:17
Updated At-24 Jan, 2025 | 17:51
Rejected At-
Credits

Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:10 May, 2023 | 13:17
Updated At:24 Jan, 2025 | 17:51
Rejected At:
▼CVE Numbering Authority (CNA)

Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Affected Products
Vendor
n/a
Product
WULT software maintained by Intel(R)
Default Status
unaffected
Versions
Affected
  • before version 1.0.0 (commit id 592300b)
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-427Uncontrolled search path
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-427
Description: Uncontrolled search path
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:10 May, 2023 | 14:15
Updated At:07 Nov, 2023 | 04:09

Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Intel Corporation
intel
>>wake_up_latency_tracer>>Versions before 1.0.0(exclusive)
cpe:2.3:a:intel:wake_up_latency_tracer:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-428Primarynvd@nist.gov
CWE-427Secondarysecure@intel.com
CWE ID: CWE-428
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-427
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

174Records found
CVE-2023-28380
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.19% / 41.54%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-15 Oct, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ai_hackathonIntel(R) AI Hackathon software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-11485
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.69%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 03:35
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.

Action-Not Available
Vendor-NVIDIA CorporationIntel Corporation
Product-bmc_firmwaredgx-1NVIDIA DGX Servers
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2023-39412
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.16% / 37.21%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site request forgery in some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-34848
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.08%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-12163
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.17% / 38.59%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.

Action-Not Available
Vendor-Intel Corporation
Product-iot_developers_kitIntel IoT Developers Kit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-12160
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 10.15%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_migration_softwareIntel(R) Data Migration Software
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-32576
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.08%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) Plugin SDK
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0057
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.27%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510_firmwarelapbc510lapbc710lapbc710_firmwareIntel(R) NUC M15 Laptop Kit Driver Pack software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0108
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:04
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel Unite(R) Client for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0090
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.15% / 36.67%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:07
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0104
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.79%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:13
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel(R) Rapid Storage Technology software,
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-0160
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:48
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) NUC Pro Chassis Element AverMedia Capture Card drivers before version 3.0.64.143 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_chassis_element_cmcm2fbavnuc_pro_chassis_element_cmcr1abbnuc_pro_chassis_element_cmcr1abcnuc_pro_chassis_element_cmcr1abaavermedia_capture_cardnuc_pro_chassis_element_cmcm2fbIntel(R) NUC Pro Chassis Element AverMedia Capture Card drivers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-27638
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.34%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advanced_link_analyzerIntel(R) Advanced Link Analyzer Pro and Standard edition
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8702
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.10% / 27.83%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:47
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-processor_diagnostic_toolIntel(R) Processor Diagnostic Tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25999
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:56
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-enpirion_digital_power_configurator_guiversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8687
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rste_software_raidIntel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB Advisory
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26374
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:59
Updated-25 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-single_event_apiversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26032
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26425
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_collective_communications_libraryIntel(R) oneAPI Collective Communications Library (oneCCL) for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26512
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-fpga_add-onIntel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26028
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.77%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-29 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26062
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector for Intel(R) oneAPI HPC Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-27187
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.39%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus Prime Standard edition software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26052
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library for Intel(R) oneAPI HPC Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26086
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-gametechdev_presentmonPresentMon software maintained by Intel(R)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26421
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_dpc\+\+\/c\+\+_compiler_runtimeIntel(R) oneAPI DPC++/C++ Compiler Runtime
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25905
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.08%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_data_analytics_libraryIntel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-28696
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:57
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25841
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:56
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-datacenter_group_eventversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26076
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_deep_neural_networkIntel(R) oneAPI Deep Neural Network (oneDNN)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26345
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.41%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-openmpIntel(R) oneAPI Toolkit OpenMP
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-27180
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.05% / 14.15%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-maccpuidIntel(R) MacCPUID software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25864
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.56%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_math_kernel_libraryIntel(R) oneMKL software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21807
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:52
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-22139
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.21% / 43.34%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-45320
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.47%
||
7 Day CHG+0.04%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler softwarevtune_profiler
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24485
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 39.09%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:35
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) FPGA OPAE Driver for Linux
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24451
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:54
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_dc_persistent_memory_module_managementIntel(R) Optane(TM) DC Persistent Memory installer for Windows*
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-45743
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.56%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Jan, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) DSA software uninstallers before version 23.4.39.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA software uninstallersdsa_software_uninstallers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21162
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.44%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_hdmi_firmware_update_toolIntel(R) HDMI Firmware Update tool for NUC
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-43751
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 27.07%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) Graphics Command Center Service bundled in some Intel(R) Graphics Windows DCH driver software before versions 31.0.101.3790/31.0.101.2114 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Graphics Windows DCH driver softwaregraphics_windows_dch_driver_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-0565
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 20:49
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) Graphics Drivers before version 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-12320
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:15
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-scs_add-on_for_microsoft_sccmIntel(R) SCS Add-on for Microsoft* SCCM
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-12329
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:24
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41961
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.67%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41091
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.37%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) MPI Library Software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-40155
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.99%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) CST softwarecontext_sensing_technology
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39929
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.93%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-06 Sep, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Libva software maintained by Intel(R)libva
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39932
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 29.18%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) SUR for Gameplay Software before version 2.0.1901 may allow a privillaged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_report_for_gameplayIntel(R) SUR for Gameplay Softwaresystem_usage_report
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-40156
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 36.45%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) SSU software before version 3.0.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_support_utilityIntel(R) SSU softwaresystem_support_utility
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found