CVE-2016-1493

7.5 HIGH

Published: January 29, 2016 Modified: May 06, 2026

Description

Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.com/files/135314/Intel-Driver-Update-Utility-2.2.0.5-Man-In-The-Middle.html

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2016/Jan/56

Source: cve@mitre.org

http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/537327/100/0/threaded

Source: cve@mitre.org

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00048&languageid=en-fr

Source: cve@mitre.org

Patch Vendor Advisory

http://packetstormsecurity.com/files/135314/Intel-Driver-Update-Utility-2.2.0.5-Man-In-The-Middle.html