Main Vulnerability Database Vulnerabilities #VU76708

Untrusted search path in Intel VTune Profiler - CVE-2022-41982

Published: May 31, 2023

Vulnerability identifier: #VU76708

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-41982

CWE-ID: CWE-426

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Intel VTune Profiler

Software vendor:
Intel

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to uncontrolled search path element, which leads to security restrictions bypass and privilege escalation.

Install updates from vendor's website.