A potential security vulnerability in Intel® Rapid Store Technology (RST) installer may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service.** **Intel is releasing Intel® RST installer updates to mitigate this potential vulnerability.
CVEID: CVE-2018-3635
Description: Insufficient input validation in installer in Intel® Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Intel® RST before version 16.7.
Intel recommends updating Intel® RST to version 16.7 or later.
Updates are available for download at this location: <https://downloadcenter.intel.com/product/55005/Intel-Rapid-Storage-Technology-Intel-RST>
Intel would like to thank Stefan Kanthak for reporting this issue and working with us on coordinated disclosure.