Vulnerability Details : CVE-2019-0164
Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
Products affected by CVE-2019-0164
- cpe:2.3:a:intel:turbo_boost_max_technology_3.0:*:*:*:*:*:*:*:*
- cpe:2.3:o:lenovo:thinkstation_p410_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:lenovo:thinkstation_p510_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:lenovo:thinkstation_p710_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:lenovo:thinkstation_p910_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-0164
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-0164
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST | |
|
7.3
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
1.3
|
5.9
|
NIST |
CWE ids for CVE-2019-0164
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-0164
-
http://www.securityfocus.com/bid/108770
Intel Turbo Boost Max Technology 3.0 Driver CVE-2019-0164 Local Privilege Escalation VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
https://support.lenovo.com/us/en/product_security/LEN-27841
Intel Turbo Boost Max Technology 3.0 Discontinuation - USThird Party Advisory
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html
INTEL-SA-00243Vendor Advisory
Jump to