CVE-2018-12177
First published: Tue Jan 08 2019(Updated: )
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel PROSet/Wireless | <20.90.0.7 | |
| Intel Dual Band Wireless-AC 3160 | ||
| Intel Dual Band Wireless-AC 3165 | ||
| Intel Dual Band Wireless-AC 3168 Firmware | ||
| Intel Dual Band Wireless-AC 7260 | ||
| Intel Dual Band Wireless-AC 7260 | ||
| Intel Dual Band Wireless-AC 7265 | ||
| Intel Dual Band Wireless-AC 7265 | ||
| Intel Dual Band Wireless-AC 8260 | ||
| Intel Dual Band Wireless-AC 8265 | ||
| Intel Dual Band Wireless-AC 8265 | ||
| Intel Wireless-N 7260 | ||
| Intel Dual Band Wireless-N 7265 (Rev C) | ||
| Intel Dual Band Wireless-N 7265 (Rev D) | ||
| Intel Tri-Band Wireless-AC 17265 | ||
| Intel Tri-Band Wireless-AC 18260 | ||
| Intel Tri-Band Wireless-AC 18265 | ||
| Intel Wireless-AC 9260 | ||
| Intel Wireless-AC 9461 | ||
| Intel Wireless-AC 9462 | ||
| Intel Wireless-AC 9560 | ||
| Intel Dual Band Wireless-N 7260 | ||
| Intel Wireless-N 7265 (Rev C) | ||
| Intel Wireless-N 7265 (Rev D) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-12177?
CVE-2018-12177 is a vulnerability in the ZeroConfig service in Intel PROSet/Wireless WiFi Software that allows an authorized user to potentially enable escalation of privilege via local access.
What is the severity of CVE-2018-12177?
The severity of CVE-2018-12177 is high with a CVSS score of 7.8.
What software is affected by CVE-2018-12177?
Intel PROSet/Wireless WiFi Software before version 20.90.0.7 is affected by CVE-2018-12177.
How can an attacker exploit CVE-2018-12177?
An attacker with local access can potentially exploit CVE-2018-12177 to escalate privileges.
Where can I find more information about CVE-2018-12177?
More information about CVE-2018-12177 can be found at the following link: [Intel Security Advisory INTEL-SA-00182](https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00182.html).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel proset/wireless
- canonical/intel dual band wireless-ac 3160
- canonical/intel dual band wireless-ac 3165
- canonical/intel dual band wireless-ac 3168 firmware
- canonical/intel dual band wireless-ac 7260
- canonical/intel dual band wireless-ac 7265
- canonical/intel dual band wireless-ac 8260
- canonical/intel dual band wireless-ac 8265
- canonical/intel wireless-n 7260
- canonical/intel dual band wireless-n 7265 (rev c)
- canonical/intel dual band wireless-n 7265 (rev d)
- canonical/intel tri-band wireless-ac 17265
- canonical/intel tri-band wireless-ac 18260
- canonical/intel tri-band wireless-ac 18265
- canonical/intel wireless-ac 9260
- canonical/intel wireless-ac 9461
- canonical/intel wireless-ac 9462
- canonical/intel wireless-ac 9560
- canonical/intel dual band wireless-n 7260
- canonical/intel wireless-n 7265 (rev c)
- canonical/intel wireless-n 7265 (rev d)