Login Sign Up

CVE-2020-0519

7.8 HIGH
Denial of Service

📋 TL;DR

This vulnerability in Intel Graphics Drivers allows authenticated local users to potentially escalate privileges or cause denial of service through improper access control. It affects systems with Intel Graphics Drivers before specific versions. The risk is limited to local attackers who already have some level of system access.

💻 Affected Systems

Products:
  • Intel Graphics Drivers
Versions: Versions before 15.33.49.5100 and 15.36.38.5117
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Intel integrated graphics or Intel discrete graphics cards. Requires local authenticated access.

📦 What is this software?

Graphics Driver by Intel

View all CVEs affecting Graphics Driver →

Graphics Driver by Intel

View all CVEs affecting Graphics Driver →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could gain SYSTEM/root privileges, install malware, access sensitive data, or completely crash the system.

🟠

Likely Case

Local privilege escalation allowing attackers to bypass security controls and gain higher privileges than intended.

🟢

If Mitigated

With proper access controls and patching, impact is limited to denial of service at most.

🌐 Internet-Facing: LOW - Requires local authenticated access, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local authenticated attackers could escalate privileges on vulnerable systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local authenticated access and knowledge of driver interaction. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 15.33.49.5100 or 15.36.38.5117 and later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html

Restart Required: Yes

Instructions:

1. Download latest Intel Graphics Driver from Intel website. 2. Run installer. 3. Restart system. 4. Verify driver version is patched.

🔧 Temporary Workarounds

Restrict local access

all

Limit local user accounts and implement least privilege access controls

Disable vulnerable driver

all

Temporarily disable Intel Graphics Driver if not essential

Windows: devmgmt.msc → Display adapters → Disable device
Linux: modprobe -r i915

🧯 If You Can't Patch

  • Implement strict access controls and least privilege for local users
  • Monitor for unusual privilege escalation attempts and driver access patterns

🔍 How to Verify

Check if Vulnerable:

Check Intel Graphics Driver version in Device Manager (Windows) or via 'lspci -k' and driver info (Linux)

Check Version:

Windows: dxdiag or Device Manager. Linux: modinfo i915 | grep version

Verify Fix Applied:

Confirm driver version is 15.33.49.5100 or 15.36.38.5117 or later

📡 Detection & Monitoring

Log Indicators:

  • Unusual driver access patterns
  • Privilege escalation attempts
  • Driver crash events

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Event logs showing driver access from non-admin users or privilege escalation attempts

📊 Metadata

CVE ID: CVE-2020-0519
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: March 12, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON