CVE-2020-0559 - Vulnerability Details

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Key SSVC decision points have not yet been added.

Vendors	Products
Intel	Ac 3165 Firmware Ac 3168 Firmware Ac 7265 Firmware Ac 8260 Firmware Ac 8265 Firmware Ac 9260 Firmware Ac 9461 Firmware Ac 9462 Firmware Ac 9560 Firmware Atom X5-e3930 Atom X5-e3940 Atom X7-e3950 Ax200 Firmware Ax201 Firmware Celeron J1750 Celeron J1800 Celeron J1850 Celeron J1900 Celeron J3060 Celeron J3160 Celeron J3355 Celeron J3355e Celeron J3455 Celeron J3455e Celeron J4005 Celeron J4025 Celeron J4105 Celeron J4125 Celeron J6412 Celeron J6413 Celeron N2805 Celeron N2806 Celeron N2807 Celeron N2808 Celeron N2810 Celeron N2815 Celeron N2820 Celeron N2830 Celeron N2840 Celeron N2910 Celeron N2920 Celeron N2930 Celeron N2940 Celeron N3000 Celeron N3010 Celeron N3050 Celeron N3060 Celeron N3150 Celeron N3160 Celeron N3350 Celeron N3350e Celeron N3450 Celeron N4000 Celeron N4020 Celeron N4100 Celeron N4120 Celeron N4500 Celeron N4505 Celeron N5100 Celeron N5105 Celeron N6210 Celeron N6211 Pentium J2850 Pentium J2900 Pentium J3710 Pentium J4205 Pentium J6426 Pentium N3510 Pentium N3520 Pentium N3530 Pentium N3540 Pentium N3700 Pentium N3710 Pentium N4200 Pentium N4200e Pentium N6415
Microsoft	Windows 7 Windows 8.1

Configuration 1 [-]

AND

OR	cpe:2.3:o:intel:ac_3165_firmware::::::::
	cpe:2.3:o:intel:ac_3168_firmware::::::::
	cpe:2.3:o:intel:ac_7265_firmware::::::::
	cpe:2.3:o:intel:ac_8260_firmware::::::::
	cpe:2.3:o:intel:ac_8265_firmware::::::::
	cpe:2.3:o:intel:ac_9260_firmware::::::::
	cpe:2.3:o:intel:ac_9461_firmware::::::::
	cpe:2.3:o:intel:ac_9462_firmware::::::::
	cpe:2.3:o:intel:ac_9560_firmware::::::::
	cpe:2.3:o:intel:ax200_firmware::::::::
	cpe:2.3:o:intel:ax201_firmware::::::::

OR	cpe:2.3:o:microsoft:windows_7:-:::::::*
	cpe:2.3:o:microsoft:windows_8.1:-:::::::*

Configuration 2 [-]

OR	cpe:2.3:h:intel:atom_x5-e3930:-:::::::*
	cpe:2.3:h:intel:atom_x5-e3940:-:::::::*
	cpe:2.3:h:intel:atom_x7-e3950:-:::::::*
	cpe:2.3:h:intel:celeron_j1750:-:::::::*
	cpe:2.3:h:intel:celeron_j1800:-:::::::*
	cpe:2.3:h:intel:celeron_j1850:-:::::::*
	cpe:2.3:h:intel:celeron_j1900:-:::::::*
	cpe:2.3:h:intel:celeron_j3060:-:::::::*
	cpe:2.3:h:intel:celeron_j3160:-:::::::*
	cpe:2.3:h:intel:celeron_j3355:-:::::::*
	cpe:2.3:h:intel:celeron_j3355e:-:::::::*
	cpe:2.3:h:intel:celeron_j3455:-:::::::*
	cpe:2.3:h:intel:celeron_j3455e:-:::::::*
	cpe:2.3:h:intel:celeron_j4005:-:::::::*
	cpe:2.3:h:intel:celeron_j4025:-:::::::*
	cpe:2.3:h:intel:celeron_j4105:-:::::::*
	cpe:2.3:h:intel:celeron_j4125:-:::::::*
	cpe:2.3:h:intel:celeron_j6412:-:::::::*
	cpe:2.3:h:intel:celeron_j6413:-:::::::*
	cpe:2.3:h:intel:celeron_n2805:-:::::::*
	cpe:2.3:h:intel:celeron_n2806:-:::::::*
	cpe:2.3:h:intel:celeron_n2807:-:::::::*
	cpe:2.3:h:intel:celeron_n2808:-:::::::*
	cpe:2.3:h:intel:celeron_n2810:-:::::::*
	cpe:2.3:h:intel:celeron_n2815:-:::::::*
	cpe:2.3:h:intel:celeron_n2820:-:::::::*
	cpe:2.3:h:intel:celeron_n2830:-:::::::*
	cpe:2.3:h:intel:celeron_n2840:-:::::::*
	cpe:2.3:h:intel:celeron_n2910:-:::::::*
	cpe:2.3:h:intel:celeron_n2920:-:::::::*
	cpe:2.3:h:intel:celeron_n2930:-:::::::*
	cpe:2.3:h:intel:celeron_n2940:-:::::::*
	cpe:2.3:h:intel:celeron_n3000:-:::::::*
	cpe:2.3:h:intel:celeron_n3010:-:::::::*
	cpe:2.3:h:intel:celeron_n3050:-:::::::*
	cpe:2.3:h:intel:celeron_n3060:-:::::::*
	cpe:2.3:h:intel:celeron_n3150:-:::::::*
	cpe:2.3:h:intel:celeron_n3160:-:::::::*
	cpe:2.3:h:intel:celeron_n3350:-:::::::*
	cpe:2.3:h:intel:celeron_n3350e:-:::::::*
	cpe:2.3:h:intel:celeron_n3450:-:::::::*
	cpe:2.3:h:intel:celeron_n4000:-:::::::*
	cpe:2.3:h:intel:celeron_n4020:-:::::::*
	cpe:2.3:h:intel:celeron_n4100:-:::::::*
	cpe:2.3:h:intel:celeron_n4120:-:::::::*
	cpe:2.3:h:intel:celeron_n4500:-:::::::*
	cpe:2.3:h:intel:celeron_n4505:-:::::::*
	cpe:2.3:h:intel:celeron_n5100:-:::::::*
	cpe:2.3:h:intel:celeron_n5105:-:::::::*
	cpe:2.3:h:intel:celeron_n6210:-:::::::*
	cpe:2.3:h:intel:celeron_n6211:-:::::::*
	cpe:2.3:h:intel:pentium_j2850:-:::::::*
	cpe:2.3:h:intel:pentium_j2900:-:::::::*
	cpe:2.3:h:intel:pentium_j3710:-:::::::*
	cpe:2.3:h:intel:pentium_j4205:-:::::::*
	cpe:2.3:h:intel:pentium_j6426:-:::::::*
	cpe:2.3:h:intel:pentium_n3510:-:::::::*
	cpe:2.3:h:intel:pentium_n3520:-:::::::*
	cpe:2.3:h:intel:pentium_n3530:-:::::::*
	cpe:2.3:h:intel:pentium_n3540:-:::::::*
	cpe:2.3:h:intel:pentium_n3700:-:::::::*
	cpe:2.3:h:intel:pentium_n3710:-:::::::*
	cpe:2.3:h:intel:pentium_n4200:-:::::::*
	cpe:2.3:h:intel:pentium_n4200e:-:::::::*
cpe:2.3:h:intel:pentium_n6415:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2020-2057	Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00355.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00360.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2020-08-13T03:27:23

Updated: 2024-08-04T06:02:52.341Z

Reserved: 2019-10-28T00:00:00

Link: CVE-2020-0559

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-08-13T04:15:12.913

Modified: 2024-11-21T04:53:45.603

Link: CVE-2020-0559

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object