Main Vulnerability Database Vulnerabilities #VU69250

#VU69250 Improper Authentication in XMM 7560 Modem - CVE-2022-27874

Published: November 11, 2022

Vulnerability identifier: #VU69250

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-27874

CWE-ID: CWE-287

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
XMM 7560 Modem

Software vendor:
Intel

Description

The vulnerability allows a local user to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An administrator with physical access can bypass authentication process and gain elevated privileges on the system.

Remediation

Install updates from vendor's website.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html