cvelistv5 - cve-2019-11163

CVE-2019-11163 (GCVE-0-2019-11163)

Vulnerability from cvelistv5 – Published: 2019-08-19 16:12 – Updated: 2024-08-04 22:48

Summary

Severity ?

No CVSS data available.

CWE

Escalation of Privilege, Denial of Service, Information Disclosure

Assigner

intel

References

URL

Tags

https://www.intel.com/content/www/us/en/security-…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Processor Identification Utility for Windows* Advisory	Affected: Versions before 6.1.0731

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.604Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Processor Identification Utility for Windows* Advisory",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Versions before 6.1.0731"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-19T16:12:16",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Processor Identification Utility for Windows* Advisory",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions before 6.1.0731"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11163",
    "datePublished": "2019-08-19T16:12:16",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:processor_identification_utility:*:*:*:*:*:windows:*:*\", \"versionEndExcluding\": \"6.1.0731\", \"matchCriteriaId\": \"29E16F11-E47B-430F-8CC4-007C6537A408\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"Un control de acceso insuficiente en un controlador de abstracci\\u00f3n de hardware para Intel\\u00ae Processor Identification Utility para Windows versiones anteriores a  6.1.0731, puede permitir a un usuario autenticado habilitar potencialmente la escalada de privilegios, la denegaci\\u00f3n de servicio o la divulgaci\\u00f3n de informaci\\u00f3n por medio del acceso local.\"}]",
      "id": "CVE-2019-11163",
      "lastModified": "2024-11-21T04:20:38.970",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-08-19T17:15:11.730",
      "references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11163\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-08-19T17:15:11.730\",\"lastModified\":\"2024-11-21T04:20:38.970\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"Un control de acceso insuficiente en un controlador de abstracci\u00f3n de hardware para Intel\u00ae Processor Identification Utility para Windows versiones anteriores a  6.1.0731, puede permitir a un usuario autenticado habilitar potencialmente la escalada de privilegios, la denegaci\u00f3n de servicio o la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:processor_identification_utility:*:*:*:*:*:windows:*:*\",\"versionEndExcluding\":\"6.1.0731\",\"matchCriteriaId\":\"29E16F11-E47B-430F-8CC4-007C6537A408\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2019-11163

Vulnerability from fkie_nvd - Published: 2019-08-19 17:15 - Updated: 2024-11-21 04:20

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	processor_identification_utility	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:processor_identification_utility:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "29E16F11-E47B-430F-8CC4-007C6537A408",
              "versionEndExcluding": "6.1.0731",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Un control de acceso insuficiente en un controlador de abstracci\u00f3n de hardware para Intel\u00ae Processor Identification Utility para Windows versiones anteriores a  6.1.0731, puede permitir a un usuario autenticado habilitar potencialmente la escalada de privilegios, la denegaci\u00f3n de servicio o la divulgaci\u00f3n de informaci\u00f3n por medio del acceso local."
    }
  ],
  "id": "CVE-2019-11163",
  "lastModified": "2024-11-21T04:20:38.970",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-08-19T17:15:11.730",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2019-11163

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2019-11163

Aliases

CVE-2019-11163

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11163",
    "description": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.",
    "id": "GSD-2019-11163"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11163"
      ],
      "details": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.",
      "id": "GSD-2019-11163",
      "modified": "2023-12-13T01:24:02.558739Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11163",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Processor Identification Utility for Windows* Advisory",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions before 6.1.0731"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:processor_identification_utility:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.0731",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11163"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-08-24T17:37Z",
      "publishedDate": "2019-08-19T17:15Z"
    }
  }
}

VAR-201908-1943

Vulnerability from variot - Updated: 2023-12-18 12:50

Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access. Intel Processor Identification Utility is a processor identification utility developed by Intel Corporation. The program supports displaying graphics information, chipset information, technologies supported by the processor, and other information. A local attacker could exploit this vulnerability to elevate privileges, cause denial of service or disclose information

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1943",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "processor identification utility",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6.1.0731"
      },
      {
        "model": "authenticate",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "3.8 earlier"
      },
      {
        "model": "compute card",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute stick",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "computing improvement program",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2.4.0.04733 earlier"
      },
      {
        "model": "driver and support assistant",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "19.7.30.2 earlier"
      },
      {
        "model": "nuc kit",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "processor identification utility",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows 6.1.0731 earlier"
      },
      {
        "model": "raid web console",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2"
      },
      {
        "model": "remote displays sdk",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2.0.1 r2 earlier"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:processor_identification_utility:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.0731",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jesse Michael",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-11163",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-142782",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-11163",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201908-1260",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142782",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access. Intel Processor Identification Utility is a processor identification utility developed by Intel Corporation. The program supports displaying graphics information, chipset information, technologies supported by the processor, and other information. A local attacker could exploit this vulnerability to elevate privileges, cause denial of service or disclose information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      }
    ],
    "trust": 0.99
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11163",
        "trust": 2.5
      },
      {
        "db": "JVN",
        "id": "JVNVU99945432",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-18598",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-142782",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "id": "VAR-201908-1943",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      }
    ],
    "trust": 0.35292397
  },
  "last_update_date": "2023-12-18T12:50:08.018000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "[INTEL-SA-00283] Intel Computing Improvement Program Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00283.html"
      },
      {
        "title": "[INTEL-SA-00246] Intel RAID Web Console 2 Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00246.html"
      },
      {
        "title": "[INTEL-SA-00272] Intel NUC Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00272.html"
      },
      {
        "title": "[INTEL-SA-00275] Intel Authenticate Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00275.html"
      },
      {
        "title": "[INTEL-SA-00276] Intel Driver \u0026 Support Assistant Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00276.html"
      },
      {
        "title": "[INTEL-SA-00277] Intel Remote Displays SDK Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00277.html"
      },
      {
        "title": "[INTEL-SA-00281] Intel Processor Identification Utility for Windows* Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
      },
      {
        "title": "Intel Processor Identification Utility Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96903"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11163"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11163"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11162"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0173"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11140"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11143"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11145"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11146"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11148"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99945432/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11162"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0173"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11140"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11143"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11145"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11146"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11148"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "date": "2019-08-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "date": "2019-08-19T17:15:11.730000",
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "date": "2019-08-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142782"
      },
      {
        "date": "2019-10-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      },
      {
        "date": "2020-08-24T17:37:01.140000",
        "db": "NVD",
        "id": "CVE-2019-11163"
      },
      {
        "date": "2020-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-007558"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access control error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-1260"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2019-AVI-399

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Processor Identification Utility pour Windows versions antérieures à 6.1.0731
Intel	N/A	Intel Remote Displays SDK versions antérieures à 2.0.1 R2
Intel	N/A	Intel Authenticate versions antérieures à 3.8
Intel	N/A	Intel Compute Stick STK2MV64CC versions antérieures à 0060
Intel	N/A	Intel NUC Kit NUC7i7DNx, NUC7i5DNx et NUC7i3DNx versions antérieures à 0066
Intel	N/A	Intel Compute Card CD1IV128MK versions antérieures à 0037
Intel	N/A	Intel Computing Improvement Program versions antérieures à 2.4.0.04733
Intel	N/A	Intel RAID Web Console 3 versions antérieures à 7.009.011.000
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 19.7.30.2

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00246 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00272 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00281 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00283 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00276 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00277 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00275 du 13 août 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel Processor Identification Utility pour Windows versions ant\u00e9rieures \u00e0 6.1.0731",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Remote Displays SDK versions ant\u00e9rieures \u00e0 2.0.1 R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Authenticate versions ant\u00e9rieures \u00e0 3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2MV64CC versions ant\u00e9rieures \u00e0 0060",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNx, NUC7i5DNx et NUC7i3DNx versions ant\u00e9rieures \u00e0 0066",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1IV128MK versions ant\u00e9rieures \u00e0 0037",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.4.0.04733",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel RAID Web Console 3 versions ant\u00e9rieures \u00e0 7.009.011.000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.7.30.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11146"
    },
    {
      "name": "CVE-2019-11140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11140"
    },
    {
      "name": "CVE-2019-11143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11143"
    },
    {
      "name": "CVE-2019-11162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11162"
    },
    {
      "name": "CVE-2019-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0173"
    },
    {
      "name": "CVE-2019-11145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11145"
    },
    {
      "name": "CVE-2019-11163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11163"
    },
    {
      "name": "CVE-2019-11148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11148"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-399",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-08-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00246 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00246.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00272 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00272.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00281 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00283 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00283.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00276 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00276.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00277 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00277.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00275 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00275.html"
    }
  ]
}

CERTFR-2019-AVI-399

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Processor Identification Utility pour Windows versions antérieures à 6.1.0731
Intel	N/A	Intel Remote Displays SDK versions antérieures à 2.0.1 R2
Intel	N/A	Intel Authenticate versions antérieures à 3.8
Intel	N/A	Intel Compute Stick STK2MV64CC versions antérieures à 0060
Intel	N/A	Intel NUC Kit NUC7i7DNx, NUC7i5DNx et NUC7i3DNx versions antérieures à 0066
Intel	N/A	Intel Compute Card CD1IV128MK versions antérieures à 0037
Intel	N/A	Intel Computing Improvement Program versions antérieures à 2.4.0.04733
Intel	N/A	Intel RAID Web Console 3 versions antérieures à 7.009.011.000
Intel	N/A	Intel Driver & Support Assistant versions antérieures à 19.7.30.2

References

Title

Publication Time

Tags

Bulletin de sécurité Intel intel-sa-00246 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00272 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00281 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00283 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00276 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00277 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Intel intel-sa-00275 du 13 août 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel Processor Identification Utility pour Windows versions ant\u00e9rieures \u00e0 6.1.0731",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Remote Displays SDK versions ant\u00e9rieures \u00e0 2.0.1 R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Authenticate versions ant\u00e9rieures \u00e0 3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Stick STK2MV64CC versions ant\u00e9rieures \u00e0 0060",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel NUC Kit NUC7i7DNx, NUC7i5DNx et NUC7i3DNx versions ant\u00e9rieures \u00e0 0066",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute Card CD1IV128MK versions ant\u00e9rieures \u00e0 0037",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.4.0.04733",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel RAID Web Console 3 versions ant\u00e9rieures \u00e0 7.009.011.000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 19.7.30.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11146"
    },
    {
      "name": "CVE-2019-11140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11140"
    },
    {
      "name": "CVE-2019-11143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11143"
    },
    {
      "name": "CVE-2019-11162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11162"
    },
    {
      "name": "CVE-2019-0173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0173"
    },
    {
      "name": "CVE-2019-11145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11145"
    },
    {
      "name": "CVE-2019-11163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11163"
    },
    {
      "name": "CVE-2019-11148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11148"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-399",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-08-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00246 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00246.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00272 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00272.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00281 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00283 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00283.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00276 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00276.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00277 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00277.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00275 du 13 ao\u00fbt 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00275.html"
    }
  ]
}

GHSA-CGXW-GMJP-JG5P

Vulnerability from github – Published: 2022-05-24 16:53 – Updated: 2022-05-24 16:53

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11163"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-08-19T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.",
  "id": "GHSA-cgxw-gmjp-jg5p",
  "modified": "2022-05-24T16:53:56Z",
  "published": "2022-05-24T16:53:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11163"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CNVD-2020-18598

Vulnerability from cnvd - Published: 2020-03-22

Title

Intel Processor Identification Utility访问控制错误漏洞

Description

Intel Processor Identification Utility是美国英特尔（Intel）公司的一款处理器识别实用程序。该程序支持显示图形信息、芯片组信息、处理器支持的技术以及其他信息等。 Intel Processor Identification Utility存在访问控制错误漏洞。攻击者可利用该漏洞提升权限，造成拒绝服务或泄露信息。

Severity

中

Patch Name

Intel Processor Identification Utility访问控制错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-11163

Impacted products

Name
Intel Intel Processor Identification Utility <6.1.0731

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11163",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-11163"
    }
  },
  "description": "Intel Processor Identification Utility\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5904\u7406\u5668\u8bc6\u522b\u5b9e\u7528\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u652f\u6301\u663e\u793a\u56fe\u5f62\u4fe1\u606f\u3001\u82af\u7247\u7ec4\u4fe1\u606f\u3001\u5904\u7406\u5668\u652f\u6301\u7684\u6280\u672f\u4ee5\u53ca\u5176\u4ed6\u4fe1\u606f\u7b49\u3002\n\nIntel Processor Identification Utility\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u6cc4\u9732\u4fe1\u606f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-18598",
  "openTime": "2020-03-22",
  "patchDescription": "Intel Processor Identification Utility\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5904\u7406\u5668\u8bc6\u522b\u5b9e\u7528\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u652f\u6301\u663e\u793a\u56fe\u5f62\u4fe1\u606f\u3001\u82af\u7247\u7ec4\u4fe1\u606f\u3001\u5904\u7406\u5668\u652f\u6301\u7684\u6280\u672f\u4ee5\u53ca\u5176\u4ed6\u4fe1\u606f\u7b49\u3002\r\n\r\nIntel Processor Identification Utility\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u6cc4\u9732\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Processor Identification Utility\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Intel Processor Identification Utility \u003c6.1.0731"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11163",
  "serverity": "\u4e2d",
  "submitTime": "2019-08-21",
  "title": "Intel Processor Identification Utility\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-11163 (GCVE-0-2019-11163)

FKIE_CVE-2019-11163

GSD-2019-11163

VAR-201908-1943

CERTFR-2019-AVI-399

Solution

CERTFR-2019-AVI-399

Solution

GHSA-CGXW-GMJP-JG5P

CNVD-2020-18598

Tags

Sightings

Nomenclature