A potential security vulnerability in Intel® Data Migration Software may allow Escalation of Privilege**.**Intel is releasing Intel® Data Migration Software updates to mitigate this potential vulnerability.
CVEID:** CVE-2018-12160**
Description: DLL injection vulnerability in software installer for Intel® Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
CVSS Base Score:** 5.3 Medium**
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Intel® Data Migration Software v3.1 and before.****
Intel recommends that users of Intel® Data Migration Software update to the latest version.
Updates are available for download at this location: <https://downloadcenter.intel.com/product/80098/Intel-Data-Migration-Software>
Intel would like to thank Marius Gabriel Mihai for reporting this issue and working with us on coordinated disclosure.