DLL Injection Vulnerability in Intel Data Center Migration Center Software
CVE-2018-12160
5.3MEDIUM
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 12 September 2018
Summary
A DLL injection vulnerability exists in the software installer for Intel Data Center Migration Center Software prior to version 3.1. This weakness allows an authenticated user with local access to potentially execute arbitrary code due to inadequate handling of directory permissions. If exploited, an attacker could leverage this flaw to execute malicious actions within the affected environment, posing significant risks to data security and system integrity.
Affected Version(s)
Intel(R) Data Migration Software v3.1 and before.
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved