Insufficient Input Validation in Intel Driver & Support Assistant Affects Intel Products
CVE-2018-3621

6.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel Driver & Support Assistant
Vendor: CVE Published:; 14 November 2018

What is CVE-2018-3621?

The Intel Driver & Support Assistant prior to version 3.6.0.4 is impacted by a vulnerability due to inadequate input validation. This flaw allows an unauthenticated user to potentially exploit adjacent access for information disclosure, posing risks to sensitive system data. Firmware and software updates are essential to mitigate this issue.

Affected Version(s)

Intel Driver & Support Assistant Versions before 3.6.0.4

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2018
Vulnerability Reserved
Dec 28, 2017

JSON