Lucene search

IntelCVE-2019-0164

HistoryJun 13, 2019 - 4:29 p.m.

CVE-2019-0164

2019-06-1316:29:00

CWE-264

intel

web.nvd.nist.gov

cve-2019-0164

intel

turbo boost

technology 3.0

driver

installer

permissions

escalation of privilege

local access

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.3%

JSON

Improper permissions in the installer for Intel® Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Nvd

Vulners

Node

intelturbo_boost_max_technology_3.0Range≤1.0.0.1035

Node

lenovothinkstation_p410_firmwareMatch-

AND

lenovothinkstation_p410Match-

Node

lenovothinkstation_p510_firmwareMatch-

AND

lenovothinkstation_p510Match-

Node

lenovothinkstation_p710_firmwareMatch-

AND

lenovothinkstation_p710Match-

Node

lenovothinkstation_p910_firmwareMatch-

AND

lenovothinkstation_p910Match-

VendorProductVersionCPE
intelturbo_boost_max_technology_3.0*cpe:2.3:a:intel:turbo_boost_max_technology_3.0:*:*:*:*:*:*:*:*
lenovothinkstation_p410_firmware-cpe:2.3:o:lenovo:thinkstation_p410_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p410-cpe:2.3:h:lenovo:thinkstation_p410:-:*:*:*:*:*:*:*
lenovothinkstation_p510_firmware-cpe:2.3:o:lenovo:thinkstation_p510_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p510-cpe:2.3:h:lenovo:thinkstation_p510:-:*:*:*:*:*:*:*
lenovothinkstation_p710_firmware-cpe:2.3:o:lenovo:thinkstation_p710_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p710-cpe:2.3:h:lenovo:thinkstation_p710:-:*:*:*:*:*:*:*
lenovothinkstation_p910_firmware-cpe:2.3:o:lenovo:thinkstation_p910_firmware:-:*:*:*:*:*:*:*
lenovothinkstation_p910-cpe:2.3:h:lenovo:thinkstation_p910:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	turbo_boost_max_technology_3.0	*	cpe:2.3:a:intel:turbo_boost_max_technology_3.0::::::::
lenovo	thinkstation_p410_firmware	-	cpe:2.3:o:lenovo:thinkstation_p410_firmware:-:::::::*
lenovo	thinkstation_p410	-	cpe:2.3:h:lenovo:thinkstation_p410:-:::::::*
lenovo	thinkstation_p510_firmware	-	cpe:2.3:o:lenovo:thinkstation_p510_firmware:-:::::::*
lenovo	thinkstation_p510	-	cpe:2.3:h:lenovo:thinkstation_p510:-:::::::*
lenovo	thinkstation_p710_firmware	-	cpe:2.3:o:lenovo:thinkstation_p710_firmware:-:::::::*
lenovo	thinkstation_p710	-	cpe:2.3:h:lenovo:thinkstation_p710:-:::::::*
lenovo	thinkstation_p910_firmware	-	cpe:2.3:o:lenovo:thinkstation_p910_firmware:-:::::::*
lenovo	thinkstation_p910	-	cpe:2.3:h:lenovo:thinkstation_p910:-:::::::*

CNA Affected

[
  {
    "product": "Intel(R) Turbo Boost Max Technology 3.0",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0.1035 and before"
      }
    ]
  }
]

References

www.securityfocus.com/bid/108770

support.lenovo.com/us/en/product_security/LEN-27841

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.3%

JSON

Related for CVE-2019-0164