First published: Tue Jan 08 2019(Updated: )
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel Proset\/wireless Software | <20.90.0.7 | |
Intel Dual Band Wireless-ac 3160 | ||
Intel Dual Band Wireless-ac 3165 | ||
Intel Dual Band Wireless-ac 3168 | ||
Intel Dual Band Wireless-ac 7260 | ||
Intel Dual Band Wireless-ac 7260 For Desktop | ||
Intel Dual Band Wireless-ac 7265\(rev C\) | ||
Intel Dual Band Wireless-ac 7265 \(rev D\) | ||
Intel Dual Band Wireless-ac 8260 | ||
Intel Dual Band Wireless-ac 8265 | ||
Intel Dual Band Wireless-ac 8265 Desktop Kit | ||
Intel Dual Band Wireless-n 7260 | ||
Intel Dual Band Wireless-n 7265 \(rev C\) | ||
Intel Dual Band Wireless-n 7265 \(rev D\) | ||
Intel Tri-band Wireless-ac 17265 | ||
Intel Tri-band Wireless-ac 18260 | ||
Intel Tri-band Wireless-ac 18265 | ||
Intel Wireless-ac 9260 | ||
Intel Wireless-ac 9461 | ||
Intel Wireless-ac 9462 | ||
Intel Wireless-ac 9560 | ||
Intel Wireless-n 7260 | ||
Intel Wireless-n 7265 \(rev C\) | ||
Intel Wireless-n 7265 \(rev D\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-12177 is a vulnerability in the ZeroConfig service in Intel PROSet/Wireless WiFi Software that allows an authorized user to potentially enable escalation of privilege via local access.
The severity of CVE-2018-12177 is high with a CVSS score of 7.8.
Intel PROSet/Wireless WiFi Software before version 20.90.0.7 is affected by CVE-2018-12177.
An attacker with local access can potentially exploit CVE-2018-12177 to escalate privileges.
More information about CVE-2018-12177 can be found at the following link: [Intel Security Advisory INTEL-SA-00182](https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00182.html).