Sign-up

ID

VAR-202008-0074


CVE

CVE-2020-0510


TITLE

Intel(R) Graphics Drivers Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009524

DESCRIPTION

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Drivers Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in Intel Graphics Drivers prior to 15.45.31.5127 and 15.40.45.5126. An attacker could exploit this vulnerability to elevate privileges

Trust: 1.71

sources: NVD: CVE-2020-0510 // JVNDB: JVNDB-2020-009524 // VULHUB: VHN-161944

AFFECTED PRODUCTS

vendor:intelmodel:graphics driversscope:ltversion:15.40.45.5126

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:15.45.0.0

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:15.40.0.0

Trust: 1.0

vendor:intelmodel:graphics driversscope:ltversion:15.45.31.5127

Trust: 1.0

vendor:intelmodel:graphics driversscope:eqversion:15.40.45.5126

Trust: 0.8

vendor:intelmodel:graphics driversscope:eqversion:15.45.31.5127

Trust: 0.8

sources: JVNDB: JVNDB-2020-009524 // NVD: CVE-2020-0510

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-0510
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-009524
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202008-601
value: HIGH

Trust: 0.6

VULHUB: VHN-161944
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-0510
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-009524
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-161944
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-0510
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-009524
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-161944 // JVNDB: JVNDB-2020-009524 // CNNVD: CNNVD-202008-601 // NVD: CVE-2020-0510

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.9

sources: VULHUB: VHN-161944 // JVNDB: JVNDB-2020-009524 // NVD: CVE-2020-0510

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-601

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202008-601

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009524

PATCH
title:INTEL-SA-00369url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html
Trust: 0.8
title:Intel Graphics Drivers Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126074
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-009524 // 
            
            
            
            CNNVD: CNNVD-202008-601

EXTERNAL IDS
db:NVDid:CVE-2020-0510
Trust: 2.5
db:JVNid:JVNVU99606488
Trust: 0.8
db:JVNDBid:JVNDB-2020-009524
Trust: 0.8
db:CNNVDid:CNNVD-202008-601
Trust: 0.7
db:AUSCERTid:ESB-2020.2760
Trust: 0.6
db:LENOVOid:LEN-36229
Trust: 0.6
db:NSFOCUSid:48143
Trust: 0.6
db:CNVDid:CNVD-2020-49546
Trust: 0.1
db:VULHUBid:VHN-161944
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161944 // 
            
            
            
            JVNDB: JVNDB-2020-009524 // 
            
            
            
            CNNVD: CNNVD-202008-601 // 
            
            
            
            NVD: CVE-2020-0510

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-0510
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0510
Trust: 0.8
url:https://jvn.jp/vu/jvnvu99606488/
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-36229
Trust: 0.6
url:http://www.nsfocus.net/vulndb/48143
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2760/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-161944 // 
            
            
            
            JVNDB: JVNDB-2020-009524 // 
            
            
            
            CNNVD: CNNVD-202008-601 // 
            
            
            
            NVD: CVE-2020-0510

CREDITS
Ori Nimron (@orinimron123)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202008-601

SOURCES
db:VULHUBid:VHN-161944
db:JVNDBid:JVNDB-2020-009524
db:CNNVDid:CNNVD-202008-601
db:NVDid:CVE-2020-0510

LAST UPDATE DATE
2024-11-23T21:35:21.297000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161944date:2020-08-19T00:00:00
db:JVNDBid:JVNDB-2020-009524date:2020-11-10T08:48:33
db:CNNVDid:CNNVD-202008-601date:2022-02-10T00:00:00
db:NVDid:CVE-2020-0510date:2024-11-21T04:53:38.497

SOURCES RELEASE DATE
db:VULHUBid:VHN-161944date:2020-08-13T00:00:00
db:JVNDBid:JVNDB-2020-009524date:2020-11-10T08:48:33
db:CNNVDid:CNNVD-202008-601date:2020-08-11T00:00:00
db:NVDid:CVE-2020-0510date:2020-08-13T04:15:12.490