CVE-2018-18095
MEDIUMIntel SSD DC S4500 and S4600 Firmware < SCV10150 - Unauthenticated Privilege Escalation via Physical Access
Title source: llmDescription
Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.
References (5)
Core 5
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00267.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/109103
Third Party Advisory x_refsource_confirm
https://support.lenovo.com/us/en/product_security/LEN-28116
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K62655863
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K62655863?utm_source=f5support&%3Butm_medium=RSS
Scores
CVSS v3
6.8
EPSS
0.0016
EPSS Percentile
37.0%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (2)
intel/ssd_dc_s4500_firmware
< scv10150
intel/ssd_dc_s4600_firmware
< scv10150
Published
Jul 11, 2019
Tracked Since
Feb 18, 2026