PT-2020-4921 · Intel · Intel Unite Cloud Service

Published

2020-11-10

Updated

2021-07-21

CVE-2020-12331

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel Unite Cloud Service client versions prior to 4.2.12212

Description: The issue is related to improper access controls in the Intel Unite Cloud Service client, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could potentially be exploited by an attacker to gain elevated privileges.

Recommendations: For versions prior to 4.2.12212, update to version 4.2.12212 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Intel Unite Cloud Service client until the update can be applied.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2020-05496

CVE-2020-12331

Affected Products

Intel Unite Cloud Service

PT-2020-4921 · Intel · Intel Unite Cloud Service

CVE-2020-12331

Weakness Enumeration

Related Identifiers

Affected Products

References · 7