DLL Injection Vulnerability in Intel Data Center Migration Center Software
CVE-2018-12160

5.3MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Data Migration Software
Vendor: CVE Published:; 12 September 2018

Summary

A DLL injection vulnerability exists in the software installer for Intel Data Center Migration Center Software prior to version 3.1. This weakness allows an authenticated user with local access to potentially execute arbitrary code due to inadequate handling of directory permissions. If exploited, an attacker could leverage this flaw to execute malicious actions within the affected environment, posing significant risks to data security and system integrity.

Affected Version(s)

Intel(R) Data Migration Software v3.1 and before.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2018
Vulnerability Reserved
Jun 11, 2018