Insufficient Access Control in Intel Processor Identification Utility for Windows
CVE-2019-11163

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Processor Identification Utility For Windows* Advisory
Vendor: CVE Published:; 19 August 2019

What is CVE-2019-11163?

A flaw in the hardware abstraction driver of Intel's Processor Identification Utility for Windows could allow an authenticated user to manipulate system privileges. By exploiting this weakness, a user may achieve unauthorized access, leading to the potential for privilege escalation, denial of service, or information disclosure through local interactions.

Affected Version(s)

Intel(R) Processor Identification Utility for Windows* Advisory Versions before 6.1.0731

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 19, 2019
Vulnerability Reserved
Apr 11, 2019

JSON