How severe is CVE-2022-27808?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Vulnerability in Intel Administrative_tools_for_intel_network_adapters

CVE-2022-27808

Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.002 (9.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L.

Affected products

Intel Administrative_tools_for_intel_network_adapters
Microsoft Windows
N/a Intel(r) Ethernet Controller Administrative Tools Drivers For Windows — versions before version 1.5.0.2

References

secure@intel.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-27808?: CVE-2022-27808 is a medium-severity vulnerability in Intel Administrative_tools_for_intel_network_adapters. CVSS score: 6.3/10. Published 2023-02-16.
How severe is CVE-2022-27808?: Medium severity. CVSS v3 base score is 6.3 out of 10.