Intel® Rapid Store Technology Installer Advisory

Summary:

A potential security vulnerability in Intel® Rapid Store Technology (RST) installer may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service.** **Intel is releasing Intel® RST installer updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2018-3635

Description: Insufficient input validation in installer in Intel® Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Affected Products:

Intel® RST before version 16.7.

Recommendations:

Intel recommends updating Intel® RST to version 16.7 or later.

Updates are available for download at this location: <https://downloadcenter.intel.com/product/55005/Intel-Rapid-Storage-Technology-Intel-RST&gt;

Acknowledgements:

Intel would like to thank Stefan Kanthak for reporting this issue and working with us on coordinated disclosure.