How severe is CVE-2022-36278?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Intel Battery_life_diagnostic_tool

CVE-2022-36278

Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.002 (8.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H.

Affected products

Intel Battery_life_diagnostic_tool — versions 2.2.0
N/a Intel(r) Battery Life Diagnostic Tool Software — versions before version 2.2.0

References

secure@intel.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-36278?: CVE-2022-36278 is a high-severity vulnerability in Intel Battery_life_diagnostic_tool. CVSS score: 8.2/10. Published 2023-02-16.
How severe is CVE-2022-36278?: High severity. CVSS v3 base score is 8.2 out of 10.