CVE-2019-0128

Published: Jun 13, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper permissions in the installer for Intel(R) Chipset Device Software (INF Update Utility) before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access.

Affected (1)

Products: Intel: Chipset Device Software

Intel

1 product

Chipset Device Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Chipset Device Software	Before 10.1.1.45

Related CWEs

CWE-264

References (6)

http://www.securityfocus.com/bid/108767

Source: secure@intel.com

Broken LinkThird Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/LEN-27840

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html

Source: secure@intel.com

PatchVendor Advisory

http://www.securityfocus.com/bid/108767

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/LEN-27840

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.