CVE-2022-43474

Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:intel:dsp_builder:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:quartus_prime:-:*:*:*:pro:*:*:*

History

21 Nov 2024, 07:26

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 6.7
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html - Vendor Advisory

23 May 2023, 14:29

Type Values Removed Values Added
References (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html - (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html - Vendor Advisory
CWE CWE-428
CPE cpe:2.3:a:intel:quartus_prime:-:*:*:*:pro:*:*:*
cpe:2.3:a:intel:dsp_builder:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

10 May 2023, 14:38

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-10 14:15

Updated : 2024-11-21 07:26


NVD link : CVE-2022-43474

Mitre link : CVE-2022-43474

CVE.ORG link : CVE-2022-43474


JSON object : View

Products Affected

intel

  • quartus_prime
  • dsp_builder
CWE
CWE-427

Uncontrolled Search Path Element

CWE-428

Unquoted Search Path or Element