Vulnerability Description
Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.
CVSS Score
7.3
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Sgx Platform Software | < 2.2.100 |
| Microsoft | Windows | - |
| Intel | Sgx Sdk | < 2.2.100 |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.PatchVendor Advisory
FAQ
What is CVE-2018-18098?
CVE-2018-18098 is a vulnerability with a CVSS score of 7.3 (HIGH). Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.
How severe is CVE-2018-18098?
CVE-2018-18098 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18098?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Sgx Platform Software, Microsoft Windows, Intel Sgx Sdk.