Improper Authentication Vulnerability in Intel SSDs DC S4500 and DC S4600 Series
CVE-2018-18095

6.8MEDIUM

Key Information:

Vendor

Intel
Status
Intel(r) Ssd Dc S4500/s4600 Series
Vendor
CVE Published:
11 July 2019

What is CVE-2018-18095?

An improper authentication vulnerability exists in the firmware of Intel SSD DC S4500 and DC S4600 Series prior to version SCV10150. This flaw may enable an unprivileged user with physical access to potentially escalate privileges, allowing them to execute unauthorized actions on the device. It is crucial for users to ensure their firmware is up-to-date to mitigate the risk associated with this vulnerability.

Affected Version(s)

Intel(R) SSD DC S4500/S4600 Series before SCV10150

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/109103
vdb-entryx_refsource_BID
https://support.lenovo.com/us/en/product_security/LEN-28116
x_refsource_CONFIRM

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.