PT-2020-1976 · Intel · Intel(R) Renesas Electronics(R) Usb 3.0 Driver
Kadir
·
Published
2020-02-11
·
Updated
2020-02-25
·
CVE-2020-0560
CVSS v2.0
6.0
Medium
| Vector | AV:L/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions
Description
The issue is related to improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver. This may allow an authenticated user to potentially enable escalation of privilege via local access. The vulnerability is associated with incorrect default permission settings, which can be exploited by an attacker to elevate their privileges.
Recommendations
For all versions of the Intel(R) Renesas Electronics(R) USB 3.0 Driver, consider restricting access to the installer to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel(R) Renesas Electronics(R) Usb 3.0 Driver