Intel Unite® Client Advisory

Summary:

A potential security vulnerability in Intel Unite® Client may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2019-0132

Description: Data Corruption in Intel Unite® Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

Intel Unite® Client before version 3.3.176.13.

Recommendations:

Intel recommends users update to Intel Unite® Client v3.3.176.13 or later.

Updates are available for download at these locations:

MacOS:

<https://downloadcenter.intel.com/product/89294/Intel-Unite-app&gt;

Windows*:

<https://downloadcenter.intel.com/download/28499/Intel-Unite-App-Hot-Fix&gt;

Acknowledgements:

Intel would like to thank Mark Barnes (MWR Labs) for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.