Login Sign Up

CVE-2020-0544

7.8 HIGH

📋 TL;DR

This vulnerability in Intel Graphics Drivers allows authenticated local users to escalate privileges through insufficient control flow management in the kernel mode driver. It affects systems with vulnerable Intel graphics drivers installed, primarily impacting Windows systems with Intel integrated or discrete graphics. Attackers could gain SYSTEM-level privileges on affected machines.

💻 Affected Systems

Products:
  • Intel Graphics Drivers
Versions: Versions before 15.36.39.5145
Operating Systems: Windows 10, Windows Server 2016/2019
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Intel integrated graphics (HD/UHD/Iris) or Intel discrete graphics. Requires driver to be loaded and active.

📦 What is this software?

Graphics Drivers by Intel

View all CVEs affecting Graphics Drivers →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker gains SYSTEM/root privileges, enabling complete system compromise, data theft, persistence establishment, and lateral movement capabilities.

🟠

Likely Case

Local privilege escalation allowing attackers to bypass security controls, install malware, or access protected system resources.

🟢

If Mitigated

Limited impact with proper privilege separation, application control, and restricted local access to sensitive systems.

🌐 Internet-Facing: LOW - Requires local authenticated access, not directly exploitable over network.
🏢 Internal Only: HIGH - Significant risk from insider threats or attackers who gain initial access through other means.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated local access and knowledge of driver exploitation techniques. No public exploits known as of last reporting.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 15.36.39.5145 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Restart Required: Yes

Instructions:

1. Download updated Intel Graphics Driver from Intel website or Windows Update. 2. Run installer with administrative privileges. 3. Follow on-screen prompts. 4. Restart system when prompted.

🔧 Temporary Workarounds

Disable Intel Graphics Driver

windows

Temporarily disable the vulnerable driver if not essential for system operation

devmgmt.msc -> Display adapters -> Right-click Intel graphics -> Disable device

Restrict Local Access

windows

Limit local interactive logon rights to trusted users only

gpedit.msc -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> Allow log on locally

🧯 If You Can't Patch

  • Implement strict application control/whitelisting to prevent unauthorized executables
  • Enforce principle of least privilege and restrict local administrator rights

🔍 How to Verify

Check if Vulnerable:

Check driver version in Device Manager under Display adapters -> Intel graphics -> Driver tab

Check Version:

powershell Get-WmiObject Win32_PnPSignedDriver | Where-Object {$_.DeviceName -like '*Intel*Graphics*'} | Select-Object DeviceName, DriverVersion

Verify Fix Applied:

Verify driver version is 15.36.39.5145 or higher in Device Manager

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Driver loading failures
  • System integrity violations

Network Indicators:

  • None - local exploitation only

SIEM Query:

EventID=4688 AND NewProcessName LIKE '*\system32\*' AND SubjectUserName NOT IN (trusted_system_accounts)

📊 Metadata

CVE ID: CVE-2020-0544
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: February 17, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON