Details of VAR-202008-0076

ID

VAR-202008-0076

CVE

CVE-2020-0513

TITLE

Intel(R) Graphics Drivers Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009526

DESCRIPTION

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Drivers Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to elevate privileges

Trust: 1.71

sources: NVD: CVE-2020-0513 // JVNDB: JVNDB-2020-009526 // VULHUB: VHN-161947

AFFECTED PRODUCTS

vendor:	intel	model:	graphics drivers	scope:	lt	version:	15.33.50.5129	Trust: 1.0
vendor:	intel	model:	graphics drivers	scope:	eq	version:	15.33.50.5129	Trust: 0.8

sources: JVNDB: JVNDB-2020-009526 // NVD: CVE-2020-0513

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-0513
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-009526
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202008-597
value:	HIGH
Trust: 0.6
VULHUB:	VHN-161947
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-0513
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-009526
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-161947
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-0513
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-009526
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-161947 // JVNDB: JVNDB-2020-009526 // CNNVD: CNNVD-202008-597 // NVD: CVE-2020-0513

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.9

sources: VULHUB: VHN-161947 // JVNDB: JVNDB-2020-009526 // NVD: CVE-2020-0513

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-597

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202008-597

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009526

PATCH

title:	INTEL-SA-00369	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html	Trust: 0.8
title:	Intel Graphics Drivers Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126071	Trust: 0.6

sources: JVNDB: JVNDB-2020-009526 // CNNVD: CNNVD-202008-597

EXTERNAL IDS

db:	NVD	id:	CVE-2020-0513	Trust: 2.5
db:	JVN	id:	JVNVU99606488	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-009526	Trust: 0.8
db:	CNNVD	id:	CNNVD-202008-597	Trust: 0.7
db:	NSFOCUS	id:	48141	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2760	Trust: 0.6
db:	LENOVO	id:	LEN-36229	Trust: 0.6
db:	CNVD	id:	CNVD-2020-49545	Trust: 0.1
db:	VULHUB	id:	VHN-161947	Trust: 0.1

sources: VULHUB: VHN-161947 // JVNDB: JVNDB-2020-009526 // CNNVD: CNNVD-202008-597 // NVD: CVE-2020-0513

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0513	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0513	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99606488/	Trust: 0.8
url:	https://support.lenovo.com/us/en/product_security/len-36229	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/48141	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2760/	Trust: 0.6

sources: VULHUB: VHN-161947 // JVNDB: JVNDB-2020-009526 // CNNVD: CNNVD-202008-597 // NVD: CVE-2020-0513

CREDITS

Ori Nimron (@orinimron123)

Trust: 0.6

sources: CNNVD: CNNVD-202008-597

SOURCES

db:	VULHUB	id:	VHN-161947
db:	JVNDB	id:	JVNDB-2020-009526
db:	CNNVD	id:	CNNVD-202008-597
db:	NVD	id:	CVE-2020-0513

LAST UPDATE DATE

2024-11-23T21:35:22.650000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-161947	date:	2020-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-009526	date:	2020-11-10T08:48:36
db:	CNNVD	id:	CNNVD-202008-597	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2020-0513	date:	2024-11-21T04:53:38.820

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-161947	date:	2020-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2020-009526	date:	2020-11-10T08:48:36
db:	CNNVD	id:	CNNVD-202008-597	date:	2020-08-11T00:00:00
db:	NVD	id:	CVE-2020-0513	date:	2020-08-13T04:15:12.633