#VU45674 Out-of-bounds write in Intel products - CVE-2020-8679
Published: August 13, 2020
Vulnerability identifier: #VU45674
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-8679
CWE-ID: CWE-787
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
3rd Generation Intel Core Processors
4th generation Intel Core processors
5th generation Intel Core processors
10th Generation Intel Core Processors
9th Generation Intel Core Processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
3rd Generation Intel Core Processors
4th generation Intel Core processors
5th generation Intel Core processors
10th Generation Intel Core Processors
9th Generation Intel Core Processors
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in Kernel Mode Driver for some Intel Graphics Drivers. A local user can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
Remediation
Install updates from vendor's website.