Published: 05/12/2018 Updated: 03/10/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Integrated Performance Primitives

Data leakage in cryptographic libraries for Intel IPP prior to 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel integrated performance primitives
intel integrated performance primitives 2019

Intel's Software Guard caught asleep at its post: Patch out now for SGX give-me-admin hole

The Register • Shaun Nichols in San Francisco • 14 Jan 2019

Chipzilla adds to Windows IT admins security update load

While admins were busy wrangling with the mass of security patches from Microsoft, Adobe, and SAP last week, Intel slipped out a fix for a potentially serious flaw in its Software Guard Extensions (SGX) technology. Chipzilla's January 8 update addresses CVE-2018-18098, an issue Intel describes as an "improper file verification" that can be exploited on Windows machines to escalate privileges. In effect, the security blunder can be leveraged by malware running on a system, or rogue logged-in user...

CVE-2018-12155

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect