What is CVE-2020-12346?

CVE-2020-12346 is a high-severity vulnerability in Intel Battery_life_diagnostic_tool, classified under Incorrect Default Permissions. CVSS score: 7.8/10. Published 2020-11-12.

How severe is CVE-2020-12346?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Intel Battery_life_diagnostic_tool

CVE-2020-12346

Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 1.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.003 (19.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Battery_life_diagnostic_tool
N/a Intel(r) Battery Life Diagnostic Tool — versions before version 1.0.7

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References

secure@intel.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2020-12346?: CVE-2020-12346 is a high-severity vulnerability in Intel Battery_life_diagnostic_tool, classified under Incorrect Default Permissions. CVSS score: 7.8/10. Published 2020-11-12.
How severe is CVE-2020-12346?: High severity. CVSS v3 base score is 7.8 out of 10.