Potential Security Vulnerability in Intel SSD Data Center Tool
May allow escalation of privilege, software updates to mitigate potential vulnerability.
This is a Press Release edited by StorageNewsletter.com on August 21, 2020 at 2:29 pmFrom Intel Corp.
|
Intel ID: |
INTEL-SA-00406 |
|
Advisory Category: |
Software |
|
Impact of vulnerability: |
Escalation of Privilege |
|
Severity rating: |
MEDIUM |
|
Original release: |
08/11/2020 |
|
Last revised: |
08/11/2020 |
Summary:
A potential security vulnerability in the Intel SSD Data Center Tool (DCT) may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.
Vulnerability details:
CVEID: CVE-2020-8759
Description: Improper access control in the installer for Intel SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 5.2 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Affected products:
Intel SSD DCT before version 3.0.23.
Recommendations:
Intel recommends updating Intel SSD DCT to version 3.0.23 or later.
Updates are available for download.
Acknowledgements:
Intel would like to thank Eran Shimony for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Revision History
|
Revision |
Date |
Description |
|
1.0 |
08/11/2020 |
Initial Release |
Subscribe to our free daily newsletter
