Intel® Distribution for Python 2018 for Windows* Advisory

Summary:

A potential security vulnerability in Intel® Distribution for Python (IDP) 2018 may allow an unprivileged user to escalate privileges via a local vector. Intel is releasing IDP updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID:** CVE-2018-12175**

Description: Default install directory permissions in Intel® Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.

CVSS Base Score: 6.7 Medium****

CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

Intel® Distribution for Python 2018 downloaded before Aug 6, 2018.

Recommendations:

Intel recommends that users of Intel® Distribution for Python 2018 update to IDP 2018 Update 3 or IDP 2019 or later.

Updates are available for download at this location:

<https://software.intel.com/en-us/distribution-for-python&gt;

Acknowledgements:

This issue was found externally