CVE-2021-0061

7.8 HIGH

📋 TL;DR

This vulnerability in Intel Graphics Drivers allows an authenticated local user to potentially escalate privileges due to improper initialization. It affects systems with vulnerable Intel graphics drivers before version 27.20.100.9030. Attackers could gain higher system privileges than intended.

💻 Affected Systems

Products:
  • Intel Graphics Drivers
Versions: before 27.20.100.9030
Operating Systems: Windows 10, Windows Server 2016/2019, Linux distributions with affected Intel drivers
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Intel integrated or discrete graphics hardware with vulnerable driver versions. Systems without Intel graphics are not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An authenticated attacker gains SYSTEM/root privileges, enabling complete system compromise, data theft, persistence installation, and lateral movement.

🟠 Likely Case

Local authenticated user escalates to administrator/root privileges, allowing installation of malware, disabling security controls, or accessing sensitive data.

🟢 If Mitigated

With proper privilege separation and least privilege principles, impact is limited to the compromised user's scope.

🌐 Internet-Facing: LOW - This requires local authenticated access, not directly exploitable over the network.
🏢 Internal Only: HIGH - Any authenticated user on a vulnerable system could potentially exploit this to gain elevated privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local authenticated access and knowledge of driver internals. No public exploit code has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 27.20.100.9030 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00508.html

Restart Required: Yes

Instructions:

1. Download the latest Intel Graphics Driver from Intel's website or Windows Update.
2. Run the installer with administrative privileges.
3. Follow the on-screen instructions.
4. Restart the system when prompted.

🔧 Temporary Workarounds

Restrict local user access

all

Limit local user accounts to only trusted personnel to reduce attack surface.

Apply least privilege

all

Ensure users operate with minimal necessary privileges to limit potential impact.

🧯 If You Can't Patch

  • Implement strict access controls and monitor for privilege escalation attempts
  • Segment vulnerable systems from critical assets and apply network isolation

🔍 How to Verify

Check if Vulnerable:

Check Intel Graphics Driver version in Device Manager (Windows) or via 'lspci -k' and driver info (Linux).

Check Version:

Windows: dxdiag (Display tab) or Device Manager > Display adapters > Properties > Driver.

Linux: modinfo i915 or check /sys/class/drm/card*/device/uevent

Verify Fix Applied:

Confirm driver version is 27.20.100.9030 or higher after update.
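
The Windows version check described above can be scripted. The following is an added PowerShell example, not code from the vendor advisory or this page's source: it reads `Win32_VideoController` through CIM and compares `DriverVersion` numerically against the fixed version stated on this page. The function name and the sample adapter records are constructed for illustration.

```powershell
# Added example; the fixed version is the one stated on this page.
$FixedVersion = [version]'27.20.100.9030'

function Get-IntelGraphicsDriverStatus {
    param(
        # Objects with Name, AdapterCompatibility and DriverVersion properties.
        # Defaults to the display adapters on the local machine.
        [object[]]$Adapter = (Get-CimInstance -ClassName Win32_VideoController)
    )
    foreach ($a in $Adapter) {
        # Only Intel graphics adapters are in scope for this CVE.
        if ("$($a.AdapterCompatibility) $($a.Name)" -notmatch 'Intel') { continue }

        # Compare as a version, not as text: '27.20.100.10000' sorts before
        # '27.20.100.9030' as a string but is the newer driver.
        $parsed = $null
        $status = if (-not [version]::TryParse([string]$a.DriverVersion, [ref]$parsed)) {
            'Unknown (unparseable version)'
        } elseif ($parsed -lt $FixedVersion) {
            'Vulnerable'
        } else {
            'Fixed'
        }
        [pscustomobject]@{
            Adapter       = $a.Name
            DriverVersion = $a.DriverVersion
            Status        = $status
        }
    }
}

# Constructed sample records (not real inventory data) showing each outcome.
$sample = @(
    [pscustomobject]@{ Name = 'Intel(R) UHD Graphics'; AdapterCompatibility = 'Intel Corporation'; DriverVersion = '27.20.100.8000' }
    [pscustomobject]@{ Name = 'Intel(R) Iris(R) Xe Graphics'; AdapterCompatibility = 'Intel Corporation'; DriverVersion = '27.20.100.10000' }
    [pscustomobject]@{ Name = 'Constructed Vendor GPU'; AdapterCompatibility = 'Constructed Vendor'; DriverVersion = '1.0.0.0' }
)
Get-IntelGraphicsDriverStatus -Adapter $sample | Format-Table -AutoSize

# Live check of the local machine.
Get-IntelGraphicsDriverStatus | Format-Table -AutoSize
```

With the sample records, the first adapter is reported as Vulnerable, the second as Fixed, and the non-Intel adapter is skipped.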

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Driver loading failures or crashes
  • Suspicious process creation with elevated privileges

Network Indicators:

  • None - local exploitation only

SIEM Query:

EventID 4688 (Windows) with elevated token or suspicious parent process, or Linux audit logs showing privilege changes
