Intel® Media Server Studio for Windows* Vulnerability Advisory

Summary:

A potential security vulnerability in the Intel® Media Server Studio may allow for the escalation of privilege. Intel is releasing Media Server Studio updates and providing the instructions below to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2018-3697

Description: Improper directory permissions in the installer for the Intel® Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N

Affected Products:

Intel® Media Server Studio before 2019 Beta Release.

Recommendations:

For users who are able to update their systems, Intel recommends updating to the 2019 Beta Release or later.

Updates are available for download at this location: <https://software.intel.com/en-us/blogs/2018/10/05/2019-opencl-sdk-whats-new&gt;