CVE-2018-3649

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
inteldual_band_wireless-ac_3160
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_7260
𝑥
< 20.20.2.2
inteldual_band_wireless-n_7260
𝑥
< 20.20.2.2
intelwireless-n_7260
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_7260
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_7265
𝑥
< 20.20.2.2
inteldual_band_wireless-n_7265
𝑥
< 20.20.2.2
intelwireless-n_7265
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_3165
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_7265
𝑥
< 20.20.2.2
inteldual_band_wireless-n_7265
𝑥
< 20.20.2.2
intelwireless-n_7265
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_3168
𝑥
< 20.20.2.2
inteltri-band_wireless-ac_17265
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_8260
𝑥
< 20.20.2.2
inteltri-band_wireless-ac_18260
𝑥
< 20.20.2.2
inteldual_band_wireless-ac_8265
𝑥
< 20.20.2.2
inteltri-band_wireless-ac_18265
𝑥
< 20.20.2.2
intelwireless-ac_9260
𝑥
< 20.20.2.2
intelwireless-ac_9560
𝑥
< 20.20.2.2
intelwireless-ac_9461
𝑥
< 20.20.2.2
intelwireless-ac_9462
𝑥
< 20.20.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00126.html