CVE-2022-26024 - Exploiting Improper Access Control in Intel® NUC HDMI Firmware Update Tool

CVE-2022-26024 is a security vulnerability discovered in the Intel® NUC HDMI Firmware Update Tool affecting these specific NUC models: NUC7i3DN, NUC7i5DN, and NUC7i7DN. If you run any firmware before version 1.78.2..7, your device may be at risk. This flaw allows any authenticated local user to potentially gain elevated privileges—essentially letting a normal user act as an admin, which is a big security concern.

The Vulnerability Explained

At its core, the problem is improper access control. The updater tool does not properly restrict which users can run certain sensitive operations. That means if you’re logged in as any user—not even necessarily as an admin—you can take actions that normally require system-level permission.  

This happens because the updater installs and runs with broad permissions and doesn't properly check user rights before executing firmware updates, potentially letting a non-admin overwrite system firmware or inject malicious code.

Intel NUC7i7DN

Versions before 1.78.2..7 of the HDMI Firmware Update Tool are affected.

Run the vulnerable tool: The attacker launches the HDMI Firmware Update Tool.

3. Privilege escalation: Because of faulty access control, they can abuse the updater’s process (which runs as an admin) to perform privileged actions:

Replace firmware binaries

- Gain code execution with SYSTEM (Windows) or root (Linux/macOS) privileges

---

Simple Exploit Example

Below is a basic Windows proof of concept in PowerShell showing how an unprivileged user might replace a system file by abusing the tool (for educational purposes only):

# Warning: Do not execute on a production machine; this is for educational context!
# Assume 'HDMIFirmwareUpdateTool.exe' has improper permissions and runs as SYSTEM

$target = "C:\Windows\System32\importantfile.dll"
$malicious = "C:\Users\attacker\malicious.dll"

# Overwrite system DLL using the updater’s privilege
Start-Process -FilePath "C:\Program Files (x86)\Intel\HDMIFirmwareUpdateTool.exe" `
  -ArgumentList "/update", "/file=$malicious", "/target=$target"

Since the tool is not verifying user permissions, our standard user can cause the updater to overwrite protected system files.

Maintain persistence even after normal malware cleanup

This can be especially bad in shared environments, like offices or labs, where multiple users log into the same hardware.

Mitigation and Recommendations

Intel's Official Fix:  
Update the Intel® NUC HDMI Firmware Update Tool to version 1.78.2..7 or later.

- Intel Official Security Center Advisory: INTEL-SA-00700
- Download updated HDMI Firmware Updater: Intel Download Center

References

- Intel Security Advisory INTEL-SA-00700
- NIST NVD Entry for CVE-2022-26024
- Intel HDMI Firmware Updater Download

Conclusion

CVE-2022-26024 is a strong reminder: even tools supposed to “fix” devices can introduce risk if not properly designed.  
If you run one of the listed Intel NUC models, check your updater’s version and apply the latest patch. Don’t let a simple local bug be the open door to a deeper compromise.

Timeline

Published on: 11/11/2022 16:15:00 UTC
Last modified on: 11/17/2022 15:45:00 UTC