CVE-2020-0514 — Incorrect Default Permissions in Intel Graphics Driver

CWE-276 — Incorrect Default Permissions37 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 88.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Graphics Driver Intel Graphics Drivers

Timeline

PublishedMar 12

Latest updateMay 24

Description

Improper default permissions in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7463 and 15.45.30.5103 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5intel/intel_graphics_drivers15.45.30.5103, See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html, before versions 26.20.100.7463+2

▶NVDintel/graphics_driver15.45 — 15.45.30.5103+1

🔴Vulnerability Details

GHSA

GHSA-phcp-859q-x92g: Improper default permissions in the installer for Intel(R) Graphics Drivers before versions 26↗2022-05-24

▶

CVEList

CVE-2020-0514: Improper default permissions in the installer for Intel(R) Graphics Drivers before versions 26↗2020-03-12

▶

💬Community

Bugzilla

CVE-2020-6389 chromium-browser: Out of bounds write in WebRTC↗2020-02-10

▶

Bugzilla

CVE-2020-6396 chromium-browser: Inappropriate implementation in Skia↗2020-02-10

▶

Bugzilla

CVE-2020-6391 chromium-browser: Insufficient validation of untrusted input in Blink↗2020-02-10

▶

Bugzilla

CVE-2020-6408 chromium-browser: Insufficient policy enforcement in CORS↗2020-02-10

▶

Bugzilla

CVE-2020-6385 chromium-browser: Insufficient policy enforcement in storage↗2020-02-10

▶