CVE-2018-12148

Vulnerability

A privilege escalation vulnerability exists in Intel Driver and Support Assistant (DSA) versions prior to 3.5.0.1 [1]. The issue is due to improper file permissions, which allows an authenticated user to potentially execute code with elevated privileges [1]. The affected file permissions are set in a way that a standard user can modify files that are later executed by the service, leading to escalation [1].

Exploitation

An attacker must have local access to the system and be authenticated as a standard user [1]. The attacker can modify a file that Intel DSA has weak permissions on, and then trigger execution of that file via the Intel DSA service, which runs with administrative privileges [1]. No user interaction beyond the initial local access is required for the privilege escalation step, though the attacker must be able to write to the vulnerable file location [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code in the context of the administrator account, resulting in complete compromise of the affected system [1]. The attacker gains full control over the system, including the ability to install programs, create new accounts, and view, change, or delete data [1].

Mitigation

The vulnerability is fixed in Intel Driver and Support Assistant version 3.5.0.1, released on September 11, 2018 [1]. Users should update to this version or later via the Intel DSA update mechanism or by downloading from Intel's website [1]. No workarounds are provided in the reference; updating is the recommended action [1].