PT-2020-4806 · Intel+1 · Intel Scs Add-On+1

Published

2020-11-10

Updated

2020-11-30

CVE-2020-12320

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel SCS Add-on for Microsoft SCCM versions prior to 2.1.10

Description: The issue is related to an uncontrolled search path element in the Intel Setup and Configuration Software (SCS) utility for System Center Configuration Manager. This could allow an authenticated user to potentially enable escalation of privilege via local access.

Recommendations: For versions prior to 2.1.10, update to version 2.1.10 or later to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

BDU:2020-05359

CVE-2020-12320

Affected Products

Intel Scs Add-On

Sccm

PT-2020-4806 · Intel+1 · Intel Scs Add-On+1

CVE-2020-12320

Weakness Enumeration

Related Identifiers

Affected Products

References · 6