CVE-2018-3667 — Initialization of a Resource with an Insecure Default in Corporation Intel Processor Diagnostic Tool

CWE-1188 — Initialization of a Resource with an Insecure Default3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 83.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel Processor Diagnostic Tool Intel Processor Diagnostic Tool

Timeline

PublishedJul 10

Latest updateMay 13

Description

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDintel/processor_diagnostic_tool4.1.0.24

▶CVEListV5intel_corporation/intel_processor_diagnostic_tool4.1.0.24

🔴Vulnerability Details

GHSA

GHSA-26x7-mr2m-x8m5: Installation tool IPDT (Intel Processor Diagnostic Tool) 4↗2022-05-13

▶

CVEList

CVE-2018-3667: Installation tool IPDT (Intel Processor Diagnostic Tool) 4↗2018-07-10

▶