Local Information Disclosure in Synaptics Touchpad Drivers
CVE-2018-15532

3.8LOW

Key Information:

Vendor

HP

Vendor
CVE Published:
21 March 2019

What is CVE-2018-15532?

The Synaptics Touchpad drivers prior to June 6, 2018, contain a vulnerability in the SynTP.sys file that permits local users to access sensitive information related to freed kernel addresses. This flaw could potentially be exploited to gain insights into system memory management and compromise system integrity.

References

CVSS V3.1

Score:
3.8
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.