Sign-up

ID

VAR-202003-0360


CVE

CVE-2020-0519


TITLE

Intel(R) Graphics Driver Vulnerability related to authority management in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003084

DESCRIPTION

Improper access control for Intel(R) Graphics Drivers before versions 15.33.49.5100 and 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. Intel(R) Graphics Driver Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in Intel Graphics Drivers prior to 15.33.49.5100 and prior to 15.36.38.5117 due to improper access controls. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2020-0519 // JVNDB: JVNDB-2020-003084 // VULHUB: VHN-161953

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:15.33.49.5100

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:15.36.38.5117

Trust: 1.0

vendor:intelmodel:graphics driverscope:gteversion:15.33

Trust: 1.0

vendor:intelmodel:graphics driverscope:gteversion:15.36

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.49.5100

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:15.36.38.5117

Trust: 0.8

sources: JVNDB: JVNDB-2020-003084 // NVD: CVE-2020-0519

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-0519
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-003084
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-540
value: HIGH

Trust: 0.6

VULHUB: VHN-161953
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-0519
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003084
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-161953
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-0519
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003084
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-161953 // JVNDB: JVNDB-2020-003084 // CNNVD: CNNVD-202003-540 // NVD: CVE-2020-0519

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-269

Trust: 0.9

sources: VULHUB: VHN-161953 // JVNDB: JVNDB-2020-003084 // NVD: CVE-2020-0519

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-540

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202003-540

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003084

PATCH
title:INTEL-SA-00315url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html
Trust: 0.8
title:Intel Graphics Drivers Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111486
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-003084 // 
            
            
            
            CNNVD: CNNVD-202003-540

EXTERNAL IDS
db:NVDid:CVE-2020-0519
Trust: 2.5
db:JVNid:JVNVU94445466
Trust: 0.8
db:JVNDBid:JVNDB-2020-003084
Trust: 0.8
db:CNNVDid:CNNVD-202003-540
Trust: 0.7
db:LENOVOid:LEN-30555
Trust: 0.6
db:AUSCERTid:ESB-2020.0871
Trust: 0.6
db:VULHUBid:VHN-161953
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161953 // 
            
            
            
            JVNDB: JVNDB-2020-003084 // 
            
            
            
            CNNVD: CNNVD-202003-540 // 
            
            
            
            NVD: CVE-2020-0519

REFERENCES
url:https://security.netapp.com/advisory/ntap-20200320-0003/
Trust: 1.7
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-0519
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0519
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94445466/index.html
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.0871/
Trust: 0.6
url:https://support.lenovo.com/us/en/product_security/len-30555
Trust: 0.6
sources:
            
            
            VULHUB: VHN-161953 // 
            
            
            
            JVNDB: JVNDB-2020-003084 // 
            
            
            
            CNNVD: CNNVD-202003-540 // 
            
            
            
            NVD: CVE-2020-0519

CREDITS
Ori Nimron (@orinimron123)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202003-540

SOURCES
db:VULHUBid:VHN-161953
db:JVNDBid:JVNDB-2020-003084
db:CNNVDid:CNNVD-202003-540
db:NVDid:CVE-2020-0519

LAST UPDATE DATE
2024-11-23T19:56:46.227000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161953date:2021-07-21T00:00:00
db:JVNDBid:JVNDB-2020-003084date:2020-04-03T00:00:00
db:CNNVDid:CNNVD-202003-540date:2021-05-24T00:00:00
db:NVDid:CVE-2020-0519date:2024-11-21T04:53:39.517

SOURCES RELEASE DATE
db:VULHUBid:VHN-161953date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-003084date:2020-04-03T00:00:00
db:CNNVDid:CNNVD-202003-540date:2020-03-10T00:00:00
db:NVDid:CVE-2020-0519date:2020-03-12T20:15:12.893