Intel Rapid Storage Technology vulnerabilities

6 known vulnerabilities affecting intel/rapid_storage_technology.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6

Vulnerabilities

Page 1 of 1
CVE-2023-39230HIGHCVSS 7.8fixed in 16.8.5.1014.92023-11-14
CVE-2023-39230 [MEDIUM] CWE-277 CVE-2023-39230: Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5 Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2022-43456HIGHCVSS 7.8≥ 16.0, < 16.8.5.1014.5≥ 17.0, < 17.11.3.1010.2+2 more2023-08-11
CVE-2022-43456 [MEDIUM] CWE-427 CVE-2022-43456: Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2 Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2021-0104HIGHCVSS 7.8fixed in 17.9.1.1009.5≥ 18.0.0.640, < 18.0.3.1148.4+1 more2021-06-09
CVE-2021-0104 [HIGH] CWE-427 CVE-2021-0104: Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2019-14568HIGHCVSS 7.8fixed in 17.7.0.10062019-12-16
CVE-2019-14568 [HIGH] CWE-276 CVE-2019-14568: Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an auth Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2018-3635HIGHCVSS 7.8fixed in 16.72018-11-14
CVE-2018-3635 [HIGH] CWE-269 CVE-2018-3635: Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
nvd
CVE-2018-12131HIGHCVSS 7.8fixed in 4.7.0.20832018-10-10
CVE-2018-12131 [HIGH] CWE-732 CVE-2018-12131: Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe be Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
nvd