Main Vulnerability Database Vulnerabilities #VU72503

#VU72503 Insecure DLL loading in Administrative Tools for Intel Network Adapters - CVE-2022-41314

Published: February 22, 2023

Vulnerability identifier: #VU72503

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-41314

CWE-ID: CWE-427

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Administrative Tools for Intel Network Adapters

Software vendor:
Intel

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to the application loads DLL libraries in an insecure manner. A remote attacker can place a specially crafted .dll file into the folder near to installer, trick the victim into executing the installer binary and execute arbitrary code on victim's system.

Remediation

Install updates from vendor's website.

External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00770.html

#VU72503 Insecure DLL loading in Administrative Tools for Intel Network Adapters - CVE-2022-41314

Description

Remediation

External links

Please verify you're human