7/12/2023 0 Comments Intel support assistantBy default, the service executable is set to “Manual” start-up type. Viewing the management rights for the service “Intel® SUR QC SAM” for “Everyone” on a default installation, showed that all users had the rights to start the service executable. CVE-2020-12302 has been allocated for the vulnerability.Ģ6/08/20 – Vulnerability is disclosed without a patch. The vulnerability is currently being mitigated.ġ0/06/20 - Intel Product Security Incident Response Team informs that a patch should be available within 60 days. However the vulnerability is still present in the newest version.Ģ0.8.30.6 at the time of public disclosure.Ģ2/05/20 - Intel Product Security Incident Response Team is e-mailed with detailed descriptionĢ2/05/20 - Intel Product Security Incident Response Team informs that they are investigating the issue.Ġ8/06/20 - Intel Product Security Incident Response Team confirms the vulnerability and informs us that the vulnerability has been reported previously. Improsec’s Responsible Disclosure policy dictates a 90 day period for the security measures to be designed, developed, tested and implemented with customers before we publish information about the vulnerability, and that time has passed now.ĭuring the 60 days several new versions of the application were released, from 20.5.20 to 20.8.30.6. Support for Intel® NUC Identify Your Product Choose Your Product Recommended Articles Find featured content, product specifications, warranty information, community posts, and more for your Intel® NUC. We were furthermore informed, that the vulnerability would be fixed in 60 days or sooner. When we first contacted Intel we were informed, that another researcher already had reported the same vulnerability. Intel Driver & Support Assistant is an application for keeping drivers, firmware and software packages up-to-date on systems using Intel hardware. This blog post highlights a trivial privilege escalation vulnerability in Intel Driver & Support Assistant.
0 Comments
Leave a Reply. |