CVE-2022-41687

CVE Database · CVE-2022-41687

CVE-2022-41687

· MEDIUMModified

CVSS v3.1

6.7

EPSS

0.15%

Published

May 10, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-277CWE-276

Affected Products (15)

intel · nuc_p14e_laptop_element (up to 1.1.44)vulnerable

microsoft · windows_10_1507

microsoft · windows_10_1511

microsoft · windows_10_1607

microsoft · windows_10_1703

microsoft · windows_10_1709

microsoft · windows_10_1803

microsoft · windows_10_1809

microsoft · windows_10_1903

microsoft · windows_10_1909

microsoft · windows_10_2004

microsoft · windows_10_20h2

· windows_10_21h1

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs