Vulnerability Description
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Rapid Storage Technology | < 16.7 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2021/Mar/55Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/105984Third Party AdvisoryVDB Entry
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00153.Vendor Advisory
- http://seclists.org/fulldisclosure/2021/Mar/55Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/105984Third Party AdvisoryVDB Entry
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00153.Vendor Advisory
FAQ
What is CVE-2018-3635?
CVE-2018-3635 is a vulnerability with a CVSS score of 7.8 (HIGH). Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of se...
How severe is CVE-2018-3635?
CVE-2018-3635 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-3635?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Rapid Storage Technology.