20 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

14 Feb 2024 — Improper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en algún software Intel(R) DSA anterior a la versión 23.4.33 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00969.html • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

13 Dec 2023 — Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. • https://www.zerodayinitiative.com/advisories/ZDI-23-1773 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

21 Sep 2023 — Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.zerodayinitiative.com/advisories/ZDI-23-1449 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

11 Aug 2023 — Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow unauthenticated user to potentially enable escalation of privilege via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00878.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

16 Feb 2023 — Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

16 Feb 2023 — Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

18 Aug 2022 — Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Un control de acceso inapropiado en el software Intel(R) DSA para versiones anteriores a 22.2.14, puede permitir que un usuario autenticado permita potencialmente una escalada de privilegios por medio de un acceso adyacente. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00679.html •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

09 Jun 2021 — Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. Un elemento de ruta de búsqueda no controlado en Intel® DSA versiones anteriores a 20.11.50.9 puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

09 Jun 2021 — Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Una administración insuficiente del flujo de control en Intel® DSA versiones anteriores a 20.11.50.9 puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

09 Jun 2021 — Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. Una resolución inapropiada de enlaces antes del acceso a archivos en Intel® DSA versiones anteriores a 20.11.50.9 puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •