Rapid Storage Technology
CVE-2018-3635
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
AnalysisAI
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access. Affected products include: Intel Rapid Storage Technology. Version information: version 16.7.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
More in Rapid Storage Technology
View allInsecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an
Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17
Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to po
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today