CVE-2018-12217 : Insufficient access control in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059

Insufficient access control in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to read device configuration information via local access.

Published 2019-03-14 20:29:01

Updated 2019-10-03 00:03:26

Source Intel Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2018-12217

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 10 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-12217

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
2.3	LOW	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N	0.8	1.4	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2018-12217

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-12217

https://support.lenovo.com/us/en/product_security/LEN-25084

Intel Graphics Driver for Windows Vulnerabilities - US

CVEs referencing this url
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html

INTEL-SA-00189
Patch;Vendor Advisory

CVEs referencing this url

Products affected by CVE-2018-12217

Intel » Graphics Driver » Version: 15.36.26.4294 For Windows
cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.36.28.4332 For Windows
cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.36.31.4414 For Windows
cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.40.41.5058 For Windows
cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.45.18.4664 For Windows
cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6194 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6229 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.36.33.4578 For Windows
cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.36.34.4889 For Windows
cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.45.19.4678 For Windows
cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.45.21.4821 For Windows
cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6286 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.33.45.4653 For Windows
cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.33.46.4885 For Windows
cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.40.37.4835 For Windows
cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.40.38.4963 For Windows
cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6094 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6136 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.33.43.4425 For Windows
cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.40.34.4624 For Windows
cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.40.36.4703 For Windows
cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 15.45.23.4860 For Windows
cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*
Matching versions
Intel » Graphics Driver » Version: 24.20.100.6025 For Windows
cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*
Matching versions

Vulnerability Details : CVE-2018-12217

Exploit prediction scoring system (EPSS) score for CVE-2018-12217

CVSS scores for CVE-2018-12217

CWE ids for CVE-2018-12217

References for CVE-2018-12217

Products affected by CVE-2018-12217