Login Sign Up

CVE-2020-12384

7.8 HIGH

📋 TL;DR

This vulnerability allows authenticated local users to escalate privileges on systems with affected Intel Graphics Drivers. Attackers could gain higher system privileges than intended, potentially compromising the entire system. Only systems with vulnerable Intel Graphics Driver versions are affected.

💻 Affected Systems

Products:
  • Intel Graphics Drivers
Versions: Versions before 26.20.100.8476
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Intel integrated graphics or Intel discrete graphics cards. Requires authenticated user access.

📦 What is this software?

Graphics Drivers by Intel

View all CVEs affecting Graphics Drivers →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise where an attacker gains SYSTEM/root privileges, installs persistent malware, accesses sensitive data, and disables security controls.

🟠

Likely Case

Local privilege escalation allowing attackers to bypass application restrictions, install unauthorized software, or access protected system resources.

🟢

If Mitigated

Limited impact with proper user privilege separation and endpoint protection that detects privilege escalation attempts.

🌐 Internet-Facing: LOW - Requires local authenticated access, cannot be exploited remotely over the internet.
🏢 Internal Only: HIGH - Significant risk from insider threats or attackers who gain initial access through other means, then escalate privileges locally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated local access and knowledge of the vulnerability. No public exploit code available at advisory publication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 26.20.100.8476 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Restart Required: Yes

Instructions:

1. Visit Intel Driver & Support Assistant website or device manufacturer's support site. 2. Download Intel Graphics Driver version 26.20.100.8476 or newer. 3. Install the driver update. 4. Restart the system to complete installation.

🔧 Temporary Workarounds

Restrict Local User Privileges

all

Limit standard user accounts to prevent privilege escalation attempts

Enable Application Whitelisting

windows

Use Windows AppLocker or similar solutions to restrict unauthorized executable execution

🧯 If You Can't Patch

  • Implement strict least privilege access controls for all user accounts
  • Deploy endpoint detection and response (EDR) solutions to monitor for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check Intel Graphics Driver version in Device Manager (Windows) or via 'lspci -v' and driver info (Linux). Compare against vulnerable version range.

Check Version:

Windows: dxdiag or Device Manager > Display adapters > Properties > Driver. Linux: Check /var/log/Xorg.0.log or use appropriate package manager commands.

Verify Fix Applied:

Verify driver version is 26.20.100.8476 or higher after update installation.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected driver access attempts
  • Privilege escalation events in security logs
  • Failed or successful driver modification attempts

Network Indicators:

  • None - local privilege escalation only

SIEM Query:

EventID 4688 (Windows) showing process creation with elevated privileges from standard user accounts, or Linux audit logs showing privilege changes

📊 Metadata

CVE ID: CVE-2020-12384
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: February 17, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON