Intel ID: |
INTEL-SA-00172 |
Advisory Category: |
Software |
Impact of vulnerability: |
Escalation of Privilege |
Severity rating: |
MEDIUM |
Original release: |
09/11/2018 |
Last revised: |
12/18/2018 |
Summary:
A potential security vulnerability in OpenVINO™ Toolkit for Windows may allow escalation of privilege. Intel is releasing OpenVINO™ Toolkit for Windows updates to mitigate this potential vulnerability.
Vulnerability Details:
CVEID: CVE-2018-12162
Description: Directory permissions in the Intel(r) OpenVINO(tm) Toolkit for Windows may allow an authenticated user to potentially execute code using default directory permissions via local access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Affected Products:
Intel® OpenVINO™ Toolkit for Windows v2018.1.265 and earlier.
Intel® OpenVINO™ Toolkit 2018 R3 for Windows and earlier.
Recommendations:
Intel recommends that users of the Intel® OpenVINO™ Toolkit update to the latest version.
Updates are available for download at this location:
https://software.intel.com/en-us/ope...wnload-windows
Acknowledgements:
Intel would like to thank SaifAllah benMassaoud for reporting this issue and working with us on coordinated disclosure.
Revision History
Revision |
Date |
Description |
1.0 |
09/11/2018 |
Initial Release |
1.1 |
12/18/2018 |
Updated affected versions |