Intel ID: INTEL-SA-00359 Advisory Category: Software Impact of vulnerability: Escalation of Privilege Severity rating: MEDIUM Original Release: 04/14/2020 Last revised: 04/14/2020 CVEID: CVE-2020-0598 Summary: A potential security vulnerability in the Intel® Binary Configuration Tool for Windows may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® Binary Configuration Tool for Windows. Description: Uncontrolled search path in the installer for the Intel(R) Binary Configuration Tool for Windows, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. CVSS Base Score: 6.7 Medium CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: Intel® Binary Configuration Tool for Windows all versions. Recommendations: Intel has issued a Product Discontinuation notice for the Intel® Binary Configuration Tool for Windows and recommends that users of the Intel® Binary Configuration Tool for Windows uninstall it or discontinue use at their earliest convenience.