CVE-2018-12131
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
Los permisos en los instaladores de paquetes de controladores para Intel NVMe en versiones anteriores a la 4.0.0.1007 e Intel RSTe en versiones anteriores a la 4.7.0.2083 podrĂa permitir que un usuario autenticado pueda escalar privilegios mediante acceso local.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-06-11 CVE Reserved
- 2018-10-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00154.html | 2019-10-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Intel Search vendor "Intel" | Client Nvme Search vendor "Intel" for product "Client Nvme" | < 4.0.0.1007 Search vendor "Intel" for product "Client Nvme" and version " < 4.0.0.1007" | - |
Affected
| ||||||
| Intel Search vendor "Intel" | Datacenter Nvme Search vendor "Intel" for product "Datacenter Nvme" | <= 4.0.0.1006 Search vendor "Intel" for product "Datacenter Nvme" and version " <= 4.0.0.1006" | - |
Affected
| ||||||
| Intel Search vendor "Intel" | Rapid Storage Technology Search vendor "Intel" for product "Rapid Storage Technology" | < 4.7.0.2083 Search vendor "Intel" for product "Rapid Storage Technology" and version " < 4.7.0.2083" | - |
Affected
| ||||||