CVE-2018-18098

CVE Database · CVE-2018-18098

CVE-2018-18098

· N/AModified

CVSS v3.1

N/A

EPSS

0.28%

Published

Jan 10, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.

Weaknesses (CWE)

CWE-732

Affected Products (4)

intel · sgx_platform_software (up to 2.2.100)vulnerable

microsoft · windows

intel · sgx_sdk (up to 2.2.100)vulnerable

microsoft · windows

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html

PatchVendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs