What is CVE-2018-3686?

CVE-2018-3686 is a medium-severity vulnerability in Intel Sa-00086_detection_tool, classified under Code Injection. CVSS score: 6.7/10. Published 2018-09-12.

How severe is CVE-2018-3686?

Medium severity. CVSS v3 base score is 6.7 out of 10.

RCE in Intel Sa-00086_detection_tool

CVE-2018-3686

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.004 (35.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Sa-00086_detection_tool
Intel Corporation Intel-sa-00086 Detection Tool — versions Versions before 1.2.7.0.

Weakness classification (CWE)

CWE-94 — Code Injection

References

secure@intel.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2018-3686?: CVE-2018-3686 is a medium-severity vulnerability in Intel Sa-00086_detection_tool, classified under Code Injection. CVSS score: 6.7/10. Published 2018-09-12.
How severe is CVE-2018-3686?: Medium severity. CVSS v3 base score is 6.7 out of 10.