CVE-2018-3635

Published: 14/11/2018 Updated: 26/03/2021

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel rapid storage technology

Intel Rapid Storage Technology User Interface and Driver version 15901015 suffers from a dll hijacking vulnerability ...

Hi @ll, the executable installer of the Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver, version 15901015 (LATEST for Windows 7), released 11/14/2017, available from <downloadmirrorintelcom/27400/eng/SetupRSTexe> via <downloadcenterintelcom/download/27400/Intel-Rapid-Storage-Technology-Inte ...

Hi @ll, more than 2 years ago I disclosed 2 vulnerabilities leading to local escalation of privilege in the Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver: see <seclistsorg/fulldisclosure/2018/Nov/45> and <seclistsorg/fulldisclosure/2018/Nov/52> Intel fixed this vulnerability only in their e ...

CWE-269 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00153.html http://www.securityfocus.com/bid/105984 http://seclists.org/fulldisclosure/2021/Mar/55 https://nvd.nist.gov https://packetstormsecurity.com/files/150392/Intel-Rapid-Storage-Technology-User-Interface-And-Driver-15.9.0.1015-DLL-Hijacking.html

CVE-2018-3635

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect