PT-2018-3418 · Intel · Intel Rste+1

Published

2018-10-10

Updated

2019-10-25

CVE-2018-12131

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel NVMe versions prior to 4.0.0.1007 Intel RSTe versions prior to 4.7.0.2083

Description: The issue is related to errors in managing privileges in the driver pack installers for Intel NVMe and Intel RSTe. This may allow an authenticated user to potentially escalate privileges via local access. Exploitation of the issue could enable an attacker to increase their privileges.

Recommendations: For Intel NVMe versions prior to 4.0.0.1007, update to version 4.0.0.1007 or later. For Intel RSTe versions prior to 4.7.0.2083, update to version 4.7.0.2083 or later.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

BDU:2020-00817

CVE-2018-12131

Affected Products

Intel Nvme

Intel Rste

PT-2018-3418 · Intel · Intel Rste+1

CVE-2018-12131

Weakness Enumeration

Related Identifiers

Affected Products

References · 5