PT-2019-2349 · Intel · Intel Scs Discovery Utility

Published

2019-05-14

Updated

2020-08-24

CVE-2019-11093

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier

Description The issue is related to an unquoted service path in the installer for the Intel(R) SCS Discovery Utility, which may allow an authenticated user to potentially enable escalation of privilege via local access. It is also described as a vulnerability related to insufficient access restrictions, which can be exploited by an attacker to elevate their privileges.

Recommendations For Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428CWE-264

Related Identifiers

BDU:2019-02124

CVE-2019-11093

Affected Products

Intel Scs Discovery Utility

PT-2019-2349 · Intel · Intel Scs Discovery Utility

CVE-2019-11093

Weakness Enumeration

Related Identifiers

Affected Products

References · 6