A potential security vulnerability in the Intel® Falcon 8+ UAS AscTec Thermal Viewer may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® Falcon 8+ UAS AscTec Thermal Viewer.****
CVEID: CVE-2020-12330
Description: Improper permissions in the installer for the Intel® Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Intel® Falcon 8+ UAS AscTec Thermal Viewer all versions.
Intel has issued a Product Discontinuation notice for Intel® Falcon 8+ UAS AscTec Thermal Viewer and recommends that users of this software uninstall it or discontinue use at their earliest convenience.
Intel would like to thank Marius Gabriel Mihai and Eran Shimony for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.