A potential security vulnerability in Intel® Dynamic Platform and Thermal Framework may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability.****
CVEID: CVE-2019-0134
Description: Improper permissions in the Intel® Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
Intel® Dynamic Platform and Thermal Framework v8.3.10208.5643 and before.
Intel recommends that users of Intel® Dynamic Platform and Thermal Framework** **update to the latest version provided by the system manufacturer that addresses these issues.
Intel would like to thank Jakub Palaczynski (enjoi) for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.