Privilege Escalation via Intel Ethernet 500 Drivers for VMware <1.10.0.13: CVE-2022-36416 February 2023

Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerability Analysis

CVE-2022-36416 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

NONE

Availability Impact:

LOW

Products Associated with CVE-2022-36416

Want to know whenever a new CVE is published for VMware Ixgben? stack.watch will email you.

Exploit Probability

EPSS

0.13%

Percentile

32.63%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Privilege Escalation via Intel Ethernet 500 Drivers for VMware <1.10.0.13CVE-2022-36416 Published on February 16, 2023

Vulnerability Analysis

Products Associated with CVE-2022-36416

Exploit Probability

Privilege Escalation via Intel Ethernet 500 Drivers for VMware <1.10.0.13
CVE-2022-36416 Published on February 16, 2023