Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00182
HistoryJan 08, 2019 - 12:00 a.m.

Intel® PROSet/Wireless WiFi Software Advisory

2019-01-0800:00:00
Intel Security Center
www.intel.com
9

EPSS

0

Percentile

12.6%

JSON

Summary:

A potential security vulnerability in Intel® PROSet/Wireless WiFi Software may allow escalation of privilege.** **Intel is releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2018-12177

Description: Improper directory permissions in the ZeroConfig service in Intel® PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.8 High

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

Intel wireless products and technologies before 20.90.0.7.

· Intel® Dual Band Wireless-AC 3160

· Intel® Dual Band Wireless-AC 7260

· Intel® Dual Band Wireless-N 7260

· Intel® Wireless-N 7260

· Intel® Dual Band Wireless-AC 7260 for Desktop

· Intel® Dual Band Wireless-AC 7265 (Rev. C)

· Intel® Dual Band Wireless-N 7265 (Rev. C)

· Intel® Wireless-N 7265 (Rev. C)

· Intel® Dual Band Wireless-AC 3165

· Intel® Dual Band Wireless-AC 7265 (Rev. D)

· Intel® Dual Band Wireless-N 7265 (Rev. D)

· Intel® Wireless-N 7265 (Rev. D)

· Intel® Dual Band Wireless-AC 3168

· Intel® Tri-Band Wireless-AC 17265

· Intel® Dual Band Wireless-AC 8260

· Intel® Tri-Band Wireless-AC 18260

· Intel® Dual Band Wireless-AC 8265

· Intel® Dual Band Wireless-AC 8265 Desktop Kit

· Intel® Tri-Band Wireless-AC 18265

· Intel® Wireless-AC 9560

· Intel® Wireless-AC 9461

· Intel® Wireless-AC 9462

· Intel® Wireless-AC 9260

Recommendations:

Intel recommends updating the Intel® PROSet/Wireless WiFi Software to 20.90.0.7 or later.

Updates are available for download at these locations:

· Check with your system manufacturer support site for the latest available verion, 20.90.0.7 or later.

Or

· <https://downloadcenter.intel.com/product/72252/Intel-PROSet-Wireless-Software&gt;

Acknowledgements:

Intel would like to thank Thomas Hibbert of Insomnia Security for reporting this issue and working with us on coordinated disclosure.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are deployed.

Related

prion 1
cvelist 1
hp 1
nvd 1
cve 1
threatpost 1
lenovo 2
prion
prion
Input validation
2019-01-10 20:29:00
cvelist
cvelist
CVE-2018-12177
2019-01-10 20:00:00
hp
hp
HPSBHF03603 rev. 3 - Escalation of Privilege via Intel PROSet/Wireless Wi-Fi Software
2019-02-01 00:00:00
nvd
nvd
CVE-2018-12177
2019-01-10 20:29:00
cve
cve
CVE-2018-12177
2019-01-10 20:29:00
threatpost
threatpost
Intel Patches High-Severity Privilege-Escalation Bugs
2019-01-09 16:16:58
lenovo
lenovo
Intel® PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intel® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51

EPSS

0

Percentile

12.6%

JSON
Related for INTEL:INTEL-SA-00182
prion1cvelist1hp1nvd1cve1threatpost1lenovo2