Integer Overflow Vulnerability in Intel Graphics Drivers
CVE-2020-12362

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Graphics Drivers For Windows * Before Version 26.20.100.7212 And
Vendor: CVE Published:; 17 February 2021

What is CVE-2020-12362?

An integer overflow vulnerability exists in the firmware of certain Intel Graphics Drivers that could allow a privileged user with local access to exploit this flaw. Specifically, the issue impacts versions for Windows earlier than 26.20.100.7212 and Linux kernels prior to version 5.5. If successfully exploited, this vulnerability could enable the user to escalate their privileges, potentially compromising system security.

Affected Version(s)

Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before version 26.20.100.7212 and before Linux kernel version 5.5

References

https://www.intel.com/content/www/us/en/security-center/a...

https://lists.debian.org/debian-lts-announce/2023/04/msg0...

mailing-list

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2021
Vulnerability Reserved
Apr 28, 2020