CVE-2019-11114

Intel® Driver & Support Assistant (DSA) prior to version 19.4.18 is affected by CVE-2019-11114 due to insufficient input validation, enabling a local-privilege user to potentially cause a denial of service. The issue affects DSA v19.3.12.3 and earlier. Intel’s advisory recommends updating to 19.4...

CVE-2019-11095

CVE-2019-11095 concerns Intel® Driver & Support Assistant (DSA) versions 19.3.12.3 and earlier, with an insufficient access control flaw that may allow a privileged local user to disclose information. The connected sources corroborate the issue as a local-privilege information disclosure vulnerab...

CVE-2018-12148

CVE-2018-12148: Privilege escalation in Intel® Driver & Support Assistant before 3.5.0.1 may allow an authenticated user to execute code as administrator via local access. Affected software: Intel® Driver & Support Assistant (DSA). Root cause: privilege-granting/access control issues enabling loc...

CVE-2022-26017

Intel® DSA software prior to version 22.2.14 suffers from improper access control that may allow an authenticated user to escalate privileges via adjacent access. Affected product: Intel® Driver & Support Assistant (DSA) before 22.2.14. Impact per documents: potential elevation of privilege with ...

CVE-2019-11146

Intel Driver & Support Assistant (before 19.7.30.2) is affected by CVE-2019-11146 due to improper file verification, which may allow an authenticated user to escalate privileges via local access. The issue is reported across multiple sources, including Intel’s advisory (Intel-SA-00276) and Red Ha...

CVE-2019-11145

Intel Driver & Support Assistant (before 19.7.30.2) is affected by an elevation-of-privilege issue due to improper file verification/directories. An authenticated local user could potentially escalate privileges. Intel and partners (Red Hat, CNVD, etc.) reference CVE-2019-11145. Remediation: upda...

CVE-2022-30530

CVE-2022-30530 concerns an Intel DSA software vulnerability affecting versions prior to 22.4.26, where a protection mechanism failure could allow an authenticated user to escalate privileges via local access. The issue is documented in the Intel DSA advisory and corroborated by multiple feeds; th...

CVE-2018-3610

CVE-2018-3610 affects the SEMA driver in Intel Driver and Support Assistant prior to version 3.1.1. The vulnerability allows a local attacker to read and write Memory Status registers, potentially enabling information disclosure or a denial-of-service condition. Affected software is the Intel Dri...

CVE-2023-50197

CVE-2023-50197 – Intel Driver & Support Assistant LPE exists in the DSA Service. By creating a symbolic link, an attacker who already has low-privileged code execution can abuse the service to write a file and escalate to SYSTEM, gaining arbitrary code execution. Reports (ZDI-23-1773 / related en...

CVE-2021-0073

Intel Driver and Support Assistant (DSA) is affected by CVE-2021-0073: Insufficient control flow management before version 20.11.50.9 can allow an authenticated user to escalate privileges via local access. The issue lives in Intel DSA prior to 20.11.50.9, with a local, low-user-interaction requi...

CVE-2022-32764

CVE-2022-32764 relates to a race condition in the Intel® DSA software prior to version 22.4.26 that may allow an authenticated user to escalate privileges through local access. The issue is confirmed by Intel’s advisory and related vulnerability records, which state the affected software is Intel...

CVE-2021-0094

Intel DSA (Driver and Support Assistant) before version 20.11.50.9 is affected by CVE-2021-0094 due to improper link resolution before file access, enabling potential local escalation of privilege for an authenticated user. Affected component: Intel® DSA; root cause: improper link resolution befo...

CVE-2023-45743

Intel® DSA software uninstaller (Intel Driver & Support Assistant) is affected by CVE-2023-45743 due to an uncontrolled search path flaw in uninstallers prior to version 23.4.39.10. The issue may permit an authenticated user to escalate privileges via local access. The advisory specifies affected...

CVE-2021-0090

Intel® Driver and Support Assistant (DSA) before version 20.11.50.9 is affected by CVE-2021-0090, involving an uncontrolled search path element that may allow an authenticated user to escalate privileges via local access. The issue affects Intel DSA and has a CVSS v3.1 base score of 7.3 (HIGH) wi...

CVE-2024-36294

Intel® DSA software before version 24.3.26.8 has insecure inherited permissions that may allow an authenticated, locally-present user to escalate privileges. The issue is caused by improper access control in the DSA software, enabling local privilege elevation. Affected products: Intel® DSA softw...

CVE-2020-0568

CVE-2020-0568 affects the Intel Driver and Support Assistant prior to version 20.1.5. The issue is a race condition that could allow an authenticated local user to trigger a denial-of-service. The Intel advisory confirms the affected software, the root cause (race condition), and the impact (DoS ...

CVE-2023-42099

Intel Driver & Support Assistant (DSA Service) is affected by a local privilege escalation vulnerability (CVE-2023-42099). The flaw enables a local attacker who can run low-privileged code to abuse symbolic links within the DSA Service to delete a file and escalate to SYSTEM, potentially arbitrar...

CVE-2024-36488

CVE-2024-36488 involves Intel® Driver & Support Assistant (Intel DSA). Multiple sources confirm an improper access control vulnerability in DSA versions before 24.3.26.8 that can allow an authenticated, local attacker to escalate privileges. The Red Hat, ZDI, CIRCL, and PT-Security entries align ...

CVE-2020-12302

The Intel Driver & Support Assistant is affected by CVE-2020-12302. Description: improper permissions may allow an authenticated user to potentially escalate privileges via local access on versions before 20.7.26.7. Affected product: Intel® Driver & Support Assistant prior to 20.7.26.7. Reported ...

CVE-2020-24460

Intel® Driver & Support Assistant (DSA) contains a vulnerability CVE-2020-24460 due to incorrect default permissions in versions before 20.8.30.6. An authenticated user could potentially enable a denial of service via local access. The Intel advisory INTEL-SA-00449 confirms affected products and ...

CVE-2023-27515

CVE-2023-27515 affects Intel® DSA software prior to version 23.1.9. The issue is a cross-site scripting (XSS) vulnerability that could allow an unauthenticated user to escalate privileges over a network. Impact and exploit details are supported by multiple connected sources (NVD, Red Hat, Intel a...

CVE-2023-25073

CVE-2023-25073 concerns Intel® DSA software prior to version 23.4.33. The issue is described as improper access control that may allow an authenticated user to potentially enable a denial of service via local access. Affected product: Intel® Driver & Support Assistant (DSA) software before 23.4.3...

CVE-2023-39425

Intel DSA software prior to version 23.4.33 contains an improper access control vulnerability (CVE-2023-39425) that could allow an authenticated user to escalate privileges via local access. The advisory notes a high risk (CVSS v3.1 base score 8.8) with local attack vector and requires an update ...

CVE-2023-35062

Intel DSA software before version 23.4.33 contains an improper access control vulnerability that may allow a privileged user to escalate privileges via local access. Affected product: Intel® Driver & Support Assistant (DSA) software. Root cause: improper access control leading to privilege escala...