A potential security vulnerability in Intel Unite® Client may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability.
CVEID: CVE-2019-0132
Description: Data Corruption in Intel Unite® Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Intel Unite® Client before version 3.3.176.13.
Intel recommends users update to Intel Unite® Client v3.3.176.13 or later.
Updates are available for download at these locations:
MacOS:
<https://downloadcenter.intel.com/product/89294/Intel-Unite-app>
Windows*:
<https://downloadcenter.intel.com/download/28499/Intel-Unite-App-Hot-Fix>
Intel would like to thank Mark Barnes (MWR Labs) for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.