CVE-2024-25561

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Weakness

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

Affected Software

Name	Vendor	Start Version	End Version
Hid_event_filter_driver	Intel	2.2.2.1 (including)	2.2.2.1 (including)
Nuc_m15_laptop_kit_lapbc510	Intel	- (including)	- (including)
Nuc_m15_laptop_kit_lapbc710	Intel	- (including)	- (including)
Nuc_m15_laptop_kit_laprc510	Intel	- (including)	- (including)
Nuc_m15_laptop_kit_laprc710	Intel	- (including)	- (including)
Nuc_x15_laptop_kit_lapac71g	Intel	- (including)	- (including)
Nuc_x15_laptop_kit_lapac71h	Intel	- (including)	- (including)
Nuc_x15_laptop_kit_lapkc51e	Intel	- (including)	- (including)
Nuc_x15_laptop_kit_lapkc71e	Intel	- (including)	- (including)
Nuc_x15_laptop_kit_lapkc71f	Intel	- (including)	- (including)

Potential Mitigations

Compartmentalize the system to have “safe” areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-25561
CWE	https://cwe.mitre.org/data/definitions/277.html

Insecure Inherited Permissions

Weakness

Affected Software

Potential Mitigations

References