Sign-up

ID

VAR-202102-0264


CVE

CVE-2020-24462


TITLE

Intel(R) Graphics Driver  Out-of-bounds Vulnerability in Microsoft

Trust: 0.8

sources: JVNDB: JVNDB-2020-015989

DESCRIPTION

Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access. Intel(R) Graphics Driver Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. There is a security vulnerability in the Intel Graphics Driver. There is no information about this vulnerability at present. Please keep an eye on CNNVD or the manufacturer's announcement

Trust: 1.71

sources: NVD: CVE-2020-24462 // JVNDB: JVNDB-2020-015989 // VULHUB: VHN-178343

AFFECTED PRODUCTS

vendor:intelmodel:graphics driversscope:ltversion:27.20.100.8336

Trust: 1.0

vendor:intelmodel:graphics driversscope:ltversion:15.33.53.5161

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:15.40.0.0

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:15.45.0.0

Trust: 1.0

vendor:intelmodel:graphics driversscope:ltversion:15.45.33.5164

Trust: 1.0

vendor:intelmodel:graphics driversscope:ltversion:15.36.40.5162

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:15.36

Trust: 1.0

vendor:intelmodel:graphics driversscope:gteversion:27.20

Trust: 1.0

vendor:intelmodel:graphics driversscope:ltversion:15.40.47.5166

Trust: 1.0

vendor:インテルmodel:intel graphics driversscope:eqversion:15.40.47.5166

Trust: 0.8

vendor:インテルmodel:intel graphics driversscope:eqversion:15.45.33.5164

Trust: 0.8

vendor:インテルmodel:intel graphics driversscope:eqversion:15.36.40.5162

Trust: 0.8

vendor:インテルmodel:intel graphics driversscope:eqversion:27.20.100.8336

Trust: 0.8

vendor:インテルmodel:intel graphics driversscope:eqversion:15.33.53.5161

Trust: 0.8

vendor:インテルmodel:intel graphics driversscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-015989 // NVD: CVE-2020-24462

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-24462
value: HIGH

Trust: 1.0

NVD: CVE-2020-24462
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202102-1288
value: HIGH

Trust: 0.6

VULHUB: VHN-178343
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-24462
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-178343
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-24462
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-24462
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-178343 // JVNDB: JVNDB-2020-015989 // CNNVD: CNNVD-202102-1288 // NVD: CVE-2020-24462

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-178343 // JVNDB: JVNDB-2020-015989 // NVD: CVE-2020-24462

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1288

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202102-1288

PATCH

title:INTEL-SA-00438url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Trust: 0.8

title:Intel Graphics Driver Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142660

Trust: 0.6

sources: JVNDB: JVNDB-2020-015989 // CNNVD: CNNVD-202102-1288

EXTERNAL IDS

db:NVDid:CVE-2020-24462

Trust: 2.5

db:JVNid:JVNVU93808918

Trust: 0.8

db:JVNDBid:JVNDB-2020-015989

Trust: 0.8

db:CNNVDid:CNNVD-202102-1288

Trust: 0.7

db:VULHUBid:VHN-178343

Trust: 0.1

sources: VULHUB: VHN-178343 // JVNDB: JVNDB-2020-015989 // CNNVD: CNNVD-202102-1288 // NVD: CVE-2020-24462

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-24462

Trust: 1.4

url:https://jvn.jp/vu/jvnvu93808918/index.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/intel-graphics-drivers-multiple-vulnerabilities-34748

Trust: 0.6

sources: VULHUB: VHN-178343 // JVNDB: JVNDB-2020-015989 // CNNVD: CNNVD-202102-1288 // NVD: CVE-2020-24462

SOURCES

db:VULHUBid:VHN-178343
db:JVNDBid:JVNDB-2020-015989
db:CNNVDid:CNNVD-202102-1288
db:NVDid:CVE-2020-24462

LAST UPDATE DATE

2024-11-23T20:59:06.680000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-178343date:2021-02-23T00:00:00
db:JVNDBid:JVNDB-2020-015989date:2021-10-29T08:59:00
db:CNNVDid:CNNVD-202102-1288date:2021-08-17T00:00:00
db:NVDid:CVE-2020-24462date:2024-11-21T05:14:52.160

SOURCES RELEASE DATE

db:VULHUBid:VHN-178343date:2021-02-17T00:00:00
db:JVNDBid:JVNDB-2020-015989date:2021-10-29T00:00:00
db:CNNVDid:CNNVD-202102-1288date:2021-02-17T00:00:00
db:NVDid:CVE-2020-24462date:2021-02-17T14:15:16.623