Sign-up

ID

VAR-202004-0362


CVE

CVE-2020-0568


TITLE

Intel(R) Driver and Support Assistant Race condition vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-004595

DESCRIPTION

Race condition in the Intel(R) Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access. Intel Driver and Support Assistant is an Intel Driver and Support Assistant application from Intel Corporation. This program is primarily used to detect and install system driver updates. An attacker could exploit this vulnerability to cause a denial of service

Trust: 1.8

sources: NVD: CVE-2020-0568 // JVNDB: JVNDB-2020-004595 // VULHUB: VHN-162002 // VULMON: CVE-2020-0568

AFFECTED PRODUCTS

vendor:intelmodel:driver \& support assistantscope:ltversion:20.1.5

Trust: 1.0

vendor:intelmodel:driver and support assistantscope:eqversion:20.1.5

Trust: 0.8

sources: JVNDB: JVNDB-2020-004595 // NVD: CVE-2020-0568

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-0568
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-004595
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202004-1202
value: MEDIUM

Trust: 0.6

VULHUB: VHN-162002
value: LOW

Trust: 0.1

VULMON: CVE-2020-0568
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-0568
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-004595
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-162002
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-0568
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-004595
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-162002 // VULMON: CVE-2020-0568 // JVNDB: JVNDB-2020-004595 // CNNVD: CNNVD-202004-1202 // NVD: CVE-2020-0568

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.9

sources: VULHUB: VHN-162002 // JVNDB: JVNDB-2020-004595 // NVD: CVE-2020-0568

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202004-1202

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-004595

PATCH
title:INTEL-SA-00344url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00344.html
Trust: 0.8
title:Intel Driver and Support Assistant Repair measures for the competition condition problem loopholeurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116502
Trust: 0.6
title:CVE-2020-0568_INTEL-SA-00344url:https://github.com/hessandrew/CVE-2020-0568_INTEL-SA-00344 
Trust: 0.1
title:PoCurl:https://github.com/Jonathan-Elias/PoC 
Trust: 0.1
title:PoC-in-GitHuburl:https://github.com/developer3000S/PoC-in-GitHub 
Trust: 0.1
title:CVE-POCurl:https://github.com/0xT11/CVE-POC 
Trust: 0.1
title:PoC-in-GitHuburl:https://github.com/hectorgie/PoC-in-GitHub 
Trust: 0.1
title:PoC-in-GitHuburl:https://github.com/nomi-sec/PoC-in-GitHub 
Trust: 0.1
title:Threatposturl:https://threatpost.com/intel-high-severity-flaws-nuc-modular-server-compute-module/154800/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2020-0568 // 
            
            
            
            JVNDB: JVNDB-2020-004595 // 
            
            
            
            CNNVD: CNNVD-202004-1202

EXTERNAL IDS
db:NVDid:CVE-2020-0568
Trust: 2.6
db:JVNid:JVNVU97303667
Trust: 0.8
db:JVNDBid:JVNDB-2020-004595
Trust: 0.8
db:CNNVDid:CNNVD-202004-1202
Trust: 0.7
db:VULHUBid:VHN-162002
Trust: 0.1
db:VULMONid:CVE-2020-0568
Trust: 0.1
sources:
            
            
            VULHUB: VHN-162002 // 
            
            
            
            VULMON: CVE-2020-0568 // 
            
            
            
            JVNDB: JVNDB-2020-004595 // 
            
            
            
            CNNVD: CNNVD-202004-1202 // 
            
            
            
            NVD: CVE-2020-0568

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00344.html
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0568
Trust: 0.8
url:https://jvn.jp/vu/jvnvu97303667/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-0568\
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-0568
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/362.html
Trust: 0.1
url:https://github.com/hessandrew/cve-2020-0568_intel-sa-00344
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-162002 // 
            
            
            
            VULMON: CVE-2020-0568 // 
            
            
            
            JVNDB: JVNDB-2020-004595 // 
            
            
            
            CNNVD: CNNVD-202004-1202 // 
            
            
            
            NVD: CVE-2020-0568

SOURCES
db:VULHUBid:VHN-162002
db:VULMONid:CVE-2020-0568
db:JVNDBid:JVNDB-2020-004595
db:CNNVDid:CNNVD-202004-1202
db:NVDid:CVE-2020-0568

LAST UPDATE DATE
2024-11-23T21:13:04.225000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-162002date:2020-04-23T00:00:00
db:VULMONid:CVE-2020-0568date:2020-04-23T00:00:00
db:JVNDBid:JVNDB-2020-004595date:2020-05-21T00:00:00
db:CNNVDid:CNNVD-202004-1202date:2020-04-22T00:00:00
db:NVDid:CVE-2020-0568date:2024-11-21T04:53:46.583

SOURCES RELEASE DATE
db:VULHUBid:VHN-162002date:2020-04-15T00:00:00
db:VULMONid:CVE-2020-0568date:2020-04-15T00:00:00
db:JVNDBid:JVNDB-2020-004595date:2020-05-21T00:00:00
db:CNNVDid:CNNVD-202004-1202date:2020-04-15T00:00:00
db:NVDid:CVE-2020-0568date:2020-04-15T17:15:14.047