Privilege Escalation in Intel Computing Improvement Program
CVE-2018-12168

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Computing Improvement Program
Vendor: CVE Published:; 12 September 2018

What is CVE-2018-12168?

The Intel Computing Improvement Program prior to version 2.2.0.03942 is susceptible to a vulnerability that enables authenticated users to gain administrator-level access through improper file permissions. This flaw could potentially allow local users to execute code with elevated privileges, posing security risks to affected systems.

Affected Version(s)

Intel(R) Computing Improvement Program Versions before 2.2.0.03942.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2018
Vulnerability Reserved
Jun 11, 2018