CVE-2018-12177
First published: Tue Jan 08 2019(Updated: )
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Proset\/wireless Software | <20.90.0.7 | |
| Intel Dual Band Wireless-ac 3160 | ||
| Intel Dual Band Wireless-ac 3165 | ||
| Intel Dual Band Wireless-ac 3168 | ||
| Intel Dual Band Wireless-ac 7260 | ||
| Intel Dual Band Wireless-ac 7260 For Desktop | ||
| Intel Dual Band Wireless-ac 7265\(rev C\) | ||
| Intel Dual Band Wireless-ac 7265 \(rev D\) | ||
| Intel Dual Band Wireless-ac 8260 | ||
| Intel Dual Band Wireless-ac 8265 | ||
| Intel Dual Band Wireless-ac 8265 Desktop Kit | ||
| Intel Dual Band Wireless-n 7260 | ||
| Intel Dual Band Wireless-n 7265 \(rev C\) | ||
| Intel Dual Band Wireless-n 7265 \(rev D\) | ||
| Intel Tri-band Wireless-ac 17265 | ||
| Intel Tri-band Wireless-ac 18260 | ||
| Intel Tri-band Wireless-ac 18265 | ||
| Intel Wireless-ac 9260 | ||
| Intel Wireless-ac 9461 | ||
| Intel Wireless-ac 9462 | ||
| Intel Wireless-ac 9560 | ||
| Intel Wireless-n 7260 | ||
| Intel Wireless-n 7265 \(rev C\) | ||
| Intel Wireless-n 7265 \(rev D\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-12177?
CVE-2018-12177 is a vulnerability in the ZeroConfig service in Intel PROSet/Wireless WiFi Software that allows an authorized user to potentially enable escalation of privilege via local access.
What is the severity of CVE-2018-12177?
The severity of CVE-2018-12177 is high with a CVSS score of 7.8.
What software is affected by CVE-2018-12177?
Intel PROSet/Wireless WiFi Software before version 20.90.0.7 is affected by CVE-2018-12177.
How can an attacker exploit CVE-2018-12177?
An attacker with local access can potentially exploit CVE-2018-12177 to escalate privileges.
Where can I find more information about CVE-2018-12177?
More information about CVE-2018-12177 can be found at the following link: [Intel Security Advisory INTEL-SA-00182](https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00182.html).
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel proset\/wireless software
- canonical/intel dual band wireless-ac 3160
- canonical/intel dual band wireless-ac 3165
- canonical/intel dual band wireless-ac 3168
- canonical/intel dual band wireless-ac 7260
- canonical/intel dual band wireless-ac 7260 for desktop
- canonical/intel dual band wireless-ac 7265\(rev c\)
- canonical/intel dual band wireless-ac 7265 \(rev d\)
- canonical/intel dual band wireless-ac 8260
- canonical/intel dual band wireless-ac 8265
- canonical/intel dual band wireless-ac 8265 desktop kit
- canonical/intel dual band wireless-n 7260
- canonical/intel dual band wireless-n 7265 \(rev c\)
- canonical/intel dual band wireless-n 7265 \(rev d\)
- canonical/intel tri-band wireless-ac 17265
- canonical/intel tri-band wireless-ac 18260
- canonical/intel tri-band wireless-ac 18265
- canonical/intel wireless-ac 9260
- canonical/intel wireless-ac 9461
- canonical/intel wireless-ac 9462
- canonical/intel wireless-ac 9560
- canonical/intel wireless-n 7260
- canonical/intel wireless-n 7265 \(rev c\)
- canonical/intel wireless-n 7265 \(rev d\)