Main Vulnerability Database Vulnerabilities #VU23089

Permissions, Privileges, and Access Controls in Intel products - CVE-2019-0151

Published: November 29, 2019

Vulnerability identifier: #VU23089

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-0151

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Intel

Affected software:
4th generation Intel Core processors
5th generation Intel Core processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
Intel vPro Eligible Processors
Intel Xeon Processor E3 v2 Family
Intel Xeon Processor E3 v3 Family
Intel Xeon Processor E3 v4 Family
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E5 v2 Family
Intel Xeon Processor E5 v3 Family
Intel Xeon Processor E5 v4 Family
Intel Xeon Processor E7 v2 Family
Intel Xeon Processor E7 v3 Family
Intel Xeon Processor E7 v4 Family
2nd Generation Intel Xeon Scalable Processors
Intel Xeon Processor D 1500
Intel Xeon Processor D 2100
Intel Xeon Processor E-2100 Family
Intel Xeon Processor E-2200 Family
Intel Xeon Processor W 2100
Intel Xeon Processor W 3100
Intel Xeon Scalable Processors

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the target system.

The vulnerability exists due to insufficient memory protection in Intel TXT. A local user can escalate privileges on the target system.

How to mitigate CVE-2019-0151

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html

Permissions, Privileges, and Access Controls in Intel products - CVE-2019-0151

Detailed vulnerability description

How to mitigate CVE-2019-0151

Sources

Please verify you're human