CVE-2017-5682 : Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.

Published 2017-02-28 19:59:00

Updated 2019-10-03 00:03:26

Source Intel Corporation

View at NVD, CVE.org

Products affected by CVE-2017-5682

Intel » Threading Building Blocks » Version: 2017
cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*
Matching versions
Intel » Integrated Performance Primitives » Version: 2017
cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*
Matching versions
Intel » Data Analytics Acceleration Library » Version: 2017
cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*
Matching versions
Intel » Math Kernel Library » Version: 2017
cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*
Matching versions
Intel » Cryptography For Intel Integrated Performance Primitives » Version: 2017
cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*
Matching versions
Intel » Trace Analyzer And Collector » Version: 2017
cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*
Matching versions
Intel » Mpi Library » Version: 2017
cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*
Matching versions
Intel » Advisor » Version: 2017
cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*
Matching versions
Intel » Inspector » Version: 2017
cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*
Matching versions
Intel » Vtune Amplifier » Version: 2017
cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*
Matching versions
Intel » System Studio » Version: 2017
cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*
Matching versions
Intel » Parallel Studio Xe » Version: 2017
cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-5682

EPSS FAQ

0.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 26 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-5682

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.3	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H	1.3	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2017-5682

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr

INTEL-SA-00070
Vendor Advisory
http://www.securityfocus.com/bid/96482

Multiple Intel Products CVE-2017-5682 Local Privilege Escalation Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2017-5682

Products affected by CVE-2017-5682

Exploit prediction scoring system (EPSS) score for CVE-2017-5682

CVSS scores for CVE-2017-5682

References for CVE-2017-5682