CVE-2019-11093

Published: May 17, 2019Modified: Nov 21, 2024

6.7

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (1)

Products: Intel: Scs Discovery Utility

Intel

1 product

Scs Discovery Utility

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Scs Discovery Utility	Up to 12.0.0.129

Related CWEs

CWE-428

Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html

Source: secure@intel.com

PatchVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.