Published: 17/04/2019 Updated: 03/10/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Improper directory permissions in installer for Intel(R) Media SDK prior to 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel media sdk 2017
intel media sdk 2018

As you wrap up this month's patch installs, don't forget these Intel fixes

The Register • Shaun Nichols in San Francisco • 11 Apr 2019

Chipzilla kicks out firmware patches plus a side channel Spoiler alert Thought you were done patching this week? Not if you're using an Intel-powered PC or server

Intel has posted another round of firmware updates with fixes for four CVE-listed vulnerabilities. Chipzilla's April patch load includes fixes for a pair of bugs considered by Intel to be high security risks, as well as a speculative execution bug reported by university researchers last month. CVE-2018-18094 is an escalation of privilege flaw in the Intel Media SDK installer. An attacker with code already running on the vulnerable machine could exploit the flaw to gain higher access privileges w...

CVE-2018-18094

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect