Local Code Execution Vulnerability in Intel Processor Diagnostic Tool
CVE-2018-3668

7.8HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
10 July 2018

Summary

The Intel Processor Diagnostic Tool contains an issue due to unquoted service paths prior to version 4.1.0.27. This vulnerability may allow a local attacker to exploit the service path configuration and potentially execute arbitrary code on the affected system.

Affected Version(s)

Intel Processor Diagnostic Tool 4.1.0.24

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.