PT-2020-4922 · Intel · Intel Advisor

Published

2020-11-10

Updated

2020-11-24

CVE-2020-12334

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel(R) Advisor tools versions prior to 2020 Update 2

Description: The issue is related to improper permissions in the installer for the Intel(R) Advisor tools, which may allow an authenticated user to potentially enable escalation of privilege via local access. This is due to errors in managing privileges. The exploitation of this issue can allow an attacker to elevate their privileges.

Recommendations: For versions prior to 2020 Update 2, update to version 2020 Update 2 or later to resolve the issue. As a temporary workaround, consider restricting local access to the installer to minimize the risk of exploitation.

Fix

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281CWE-264

Related Identifiers

BDU:2020-05497

CVE-2020-12334

Affected Products

Intel Advisor

PT-2020-4922 · Intel · Intel Advisor

CVE-2020-12334

Weakness Enumeration

Related Identifiers

Affected Products

References · 7