Insufficient Input Validation in Intel Graphics Driver for Windows
CVE-2018-12216

8.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Graphics Driver For Windows
Vendor: CVE Published:; 14 March 2019

What is CVE-2018-12216?

The Intel Graphics Driver for Windows contains a flaw due to insufficient input validation in its Kernel Mode Driver. This vulnerability can allow a privileged user to execute arbitrary code locally, potentially compromising system integrity. The affected driver versions include those prior to 10.18.x.5059, 10.18.x.5057, 20.19.x.5063, 21.20.x.5064, and 24.20.100.6373. Users are advised to update their drivers to the latest versions to mitigate this security risk. For more details, visit the official Intel and Lenovo advisories.

Affected Version(s)

Intel(R) Graphics Driver for Windows Multiple versions.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

https://support.lenovo.com/us/en/product_security/LEN-25084

x_refsource_CONFIRM

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2019
Vulnerability Reserved
Jun 11, 2018