What is CVE-2022-36400?

CVE-2022-36400 is a medium-severity vulnerability in Intel Nuc_8_rugged_kit_nuc8cchkr, classified under Path Traversal. CVSS score: 6.7/10. Published 2022-11-11.

How severe is CVE-2022-36400?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Path Traversal in Intel Nuc_8_rugged_kit_nuc8cchkr

CVE-2022-36400

Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.002 (7.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Intel Nuc_8_rugged_kit_nuc8cchkr
Intel Nuc_board_nuc8cchb
Intel Nuc_kit_nuc5pgyh
Intel Nuc_kit_nuc5ppyh
Intel Nuc_kit_nuc6cayh
Intel Nuc_kit_nuc6cays
Intel Nuc_kit_wireless_adapter_driver_installer
N/a Intel(r) Nuc Kit Wireless Adapter Drivers For Windows 10 — versions before version 22.40

Weakness classification (CWE)

CWE-22 — Path Traversal

References

secure@intel.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-36400?: CVE-2022-36400 is a medium-severity vulnerability in Intel Nuc_8_rugged_kit_nuc8cchkr, classified under Path Traversal. CVSS score: 6.7/10. Published 2022-11-11.
How severe is CVE-2022-36400?: Medium severity. CVSS v3 base score is 6.7 out of 10.