Skip to main content

Lapbc510 Firmware CVE-2021-0056

HIGH
Incorrect Permission Assignment for Critical Resource (CWE-732)
2021-06-09 secure@intel.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 09, 2021 - 20:15 nvd
HIGH 7.8

DescriptionNVD

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

AnalysisAI

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Incorrect Permission Assignment (CWE-732), which allows attackers to access resources due to misconfigured permissions. Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Lapbc510 Firmware, Intel Lapbc710 Firmware. Version information: version 1.1.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Review and restrict file/resource permissions, apply principle of least privilege.

CVE-2022-34488 HIGH
7.8 Aug 18

Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privile

CVE-2022-33209 HIGH
7.8 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

CVE-2022-28858 HIGH
7.8 Aug 18

Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileg

CVE-2022-27493 HIGH
7.8 Aug 18

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged u

CVE-2021-0058 HIGH
7.8 Jun 09

Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may all

CVE-2021-0057 HIGH
7.8 Jun 09

Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an

CVE-2022-32579 HIGH
7.2 Aug 18

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged u

CVE-2022-24382 MEDIUM
6.7 May 12

Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalatio

CVE-2022-24297 MEDIUM
6.7 May 12

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escala

CVE-2022-21237 MEDIUM
6.7 May 12

Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation o

CVE-2022-34345 MEDIUM
6.2 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

Share

CVE-2021-0056 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy