Vulnerability Details CVE-2019-0128
Improper permissions in the installer for Intel(R) Chipset Device Software (INF Update Utility) before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://www.securityfocus.com/bid/108767
- https://support.lenovo.com/us/en/product_security/LEN-27840
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html
- http://www.securityfocus.com/bid/108767
- https://support.lenovo.com/us/en/product_security/LEN-27840
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html
Products affected by CVE-2019-0128
-
cpe:2.3:a:intel:chipset_device_software:10.1.1.14
-
cpe:2.3:a:intel:chipset_device_software:10.1.1.38