CVE-2018-3635

CWE-269 — Improper Privilege Management3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 80.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Rapid Storage Technology Intel Corporation Intel Rapid Store Technology

Timeline

PublishedNov 14

Latest updateMay 13

Description

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5intel_corporation/intel_rapid_store_technologyversions before 16.7

▶NVDintel/rapid_storage_technology< 16.7

🔴Vulnerability Details

GHSA

GHSA-54h3-2qjf-7vmr: Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16↗2022-05-13

▶

CVEList

CVE-2018-3635: Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16↗2018-11-14

▶