CVE-2018-18098

Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:intel:sgx_platform_software:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:55

Type Values Removed Values Added
References () https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html - Patch, Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html - Patch, Vendor Advisory

Information

Published : 2019-01-10 20:29

Updated : 2024-11-21 03:55


NVD link : CVE-2018-18098

Mitre link : CVE-2018-18098

CVE.ORG link : CVE-2018-18098


JSON object : View

Products Affected

intel

  • sgx_sdk
  • sgx_platform_software

microsoft

  • windows
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource