Insufficient Access Control in Intel Computing Improvement Program Driver
CVE-2019-11162

7.8HIGH

Key Information:

Vendor
Intel
Status
Intel(r) Computing Improvement Program Advisory
Vendor
CVE Published:
19 August 2019

Summary

The Intel Computing Improvement Program driver prior to version 2.4.0.04733 contains insufficient access control vulnerabilities. This flaw allows authenticated users to perform unauthorized actions, potentially leading to escalation of privileges, denial of service, or information disclosure. The vulnerability affects local access and may significantly compromise system security if exploited.

Affected Version(s)

Intel(R) Computing Improvement Program Advisory Versions before 2.4.0.04733

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.