Permissions, Privileges, and Access Controls in Intel products - CVE-2019-0123
Published: November 27, 2019
Vulnerability identifier: #VU23015
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-0123
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E-2100 Family
Intel Xeon Processor E-2200 Family
9th Generation Intel Core Processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E-2100 Family
Intel Xeon Processor E-2200 Family
9th Generation Intel Core Processors
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient memory protection, when supporting SGX. A local user can enable escalation of privilege on the target system.
How to mitigate CVE-2019-0123
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.