Sign-up

ID

VAR-202008-1127


CVE

CVE-2020-8680


TITLE

Intel(R) Graphics Drivers Race condition vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009486

DESCRIPTION

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.40.45.5126. An attacker could exploit this vulnerability to elevate privileges

Trust: 1.71

sources: NVD: CVE-2020-8680 // JVNDB: JVNDB-2020-009486 // VULHUB: VHN-186805

AFFECTED PRODUCTS

vendor:intelmodel:graphics driversscope:ltversion:15.40.45.5126

Trust: 1.0

vendor:intelmodel:graphics driversscope:eqversion:15.40.45.5126

Trust: 0.8

sources: JVNDB: JVNDB-2020-009486 // NVD: CVE-2020-8680

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-8680
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-009486
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202008-592
value: HIGH

Trust: 0.6

VULHUB: VHN-186805
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-8680
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-009486
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-186805
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-8680
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-009486
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-186805 // JVNDB: JVNDB-2020-009486 // CNNVD: CNNVD-202008-592 // NVD: CVE-2020-8680

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.9

sources: VULHUB: VHN-186805 // JVNDB: JVNDB-2020-009486 // NVD: CVE-2020-8680

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-592

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202008-592

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009486

PATCH
title:INTEL-SA-00369url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-009486

EXTERNAL IDS
db:NVDid:CVE-2020-8680
Trust: 2.5
db:JVNid:JVNVU99606488
Trust: 0.8
db:JVNDBid:JVNDB-2020-009486
Trust: 0.8
db:CNNVDid:CNNVD-202008-592
Trust: 0.7
db:AUSCERTid:ESB-2020.2760
Trust: 0.6
db:LENOVOid:LEN-36229
Trust: 0.6
db:NSFOCUSid:49020
Trust: 0.6
db:CNVDid:CNVD-2020-49542
Trust: 0.1
db:VULHUBid:VHN-186805
Trust: 0.1
sources:
            
            
            VULHUB: VHN-186805 // 
            
            
            
            JVNDB: JVNDB-2020-009486 // 
            
            
            
            CNNVD: CNNVD-202008-592 // 
            
            
            
            NVD: CVE-2020-8680

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-8680
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8680
Trust: 0.8
url:https://jvn.jp/vu/jvnvu99606488
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-36229
Trust: 0.6
url:http://www.nsfocus.net/vulndb/49020
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2760/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-186805 // 
            
            
            
            JVNDB: JVNDB-2020-009486 // 
            
            
            
            CNNVD: CNNVD-202008-592 // 
            
            
            
            NVD: CVE-2020-8680

CREDITS
Ori Nimron (@orinimron123)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202008-592

SOURCES
db:VULHUBid:VHN-186805
db:JVNDBid:JVNDB-2020-009486
db:CNNVDid:CNNVD-202008-592
db:NVDid:CVE-2020-8680

LAST UPDATE DATE
2024-11-23T21:35:21.859000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-186805date:2020-08-19T00:00:00
db:JVNDBid:JVNDB-2020-009486date:2020-11-10T06:26:56
db:CNNVDid:CNNVD-202008-592date:2022-02-10T00:00:00
db:NVDid:CVE-2020-8680date:2024-11-21T05:39:14.673

SOURCES RELEASE DATE
db:VULHUBid:VHN-186805date:2020-08-13T00:00:00
db:JVNDBid:JVNDB-2020-009486date:2020-11-10T06:26:56
db:CNNVDid:CNNVD-202008-592date:2020-08-11T00:00:00
db:NVDid:CVE-2020-8680date:2020-08-13T04:15:13.460