Details of VAR-202102-0087

ID

VAR-202102-0087

CVE

CVE-2020-12386

TITLE

Intel(R) Graphics Drivers Out-of-bounds Vulnerability in Microsoft

Trust: 0.8

sources: JVNDB: JVNDB-2020-016012

DESCRIPTION

Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Is vulnerable to an out-of-bounds write.Denial of service (DoS) It may be put into a state. There is a security vulnerability in Intel Graphics Drivers. There is no information about this vulnerability at present. Please pay attention to CNNVD or manufacturer announcements at any time

Trust: 1.71

sources: NVD: CVE-2020-12386 // JVNDB: JVNDB-2020-016012 // VULHUB: VHN-165059

AFFECTED PRODUCTS

vendor:	intel	model:	graphics drivers	scope:	lt	version:	15.36.39.5143	Trust: 1.0
vendor:	インテル	model:	intel graphics drivers	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	intel graphics drivers	scope:	eq	version:	15.36.39.5143	Trust: 0.8

sources: JVNDB: JVNDB-2020-016012 // NVD: CVE-2020-12386

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12386
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-12386
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202102-817
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-165059
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-12386
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-165059
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-12386
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2020-12386
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-165059 // JVNDB: JVNDB-2020-016012 // CNNVD: CNNVD-202102-817 // NVD: CVE-2020-12386

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-165059 // JVNDB: JVNDB-2020-016012 // NVD: CVE-2020-12386

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-817

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202102-817

PATCH

title:	INTEL-SA-00438	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html	Trust: 0.8
title:	Intel Graphics Drivers Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142192	Trust: 0.6

sources: JVNDB: JVNDB-2020-016012 // CNNVD: CNNVD-202102-817

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12386	Trust: 2.5
db:	JVN	id:	JVNVU93808918	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-016012	Trust: 0.8
db:	LENOVO	id:	LEN-51723	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0472	Trust: 0.6
db:	CNNVD	id:	CNNVD-202102-817	Trust: 0.6
db:	VULHUB	id:	VHN-165059	Trust: 0.1

sources: VULHUB: VHN-165059 // JVNDB: JVNDB-2020-016012 // CNNVD: CNNVD-202102-817 // NVD: CVE-2020-12386

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12386	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu93808918/index.html	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2021.0472	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-51723	Trust: 0.6
url:	https://vigilance.fr/vulnerability/intel-graphics-drivers-multiple-vulnerabilities-34748	Trust: 0.6

sources: VULHUB: VHN-165059 // JVNDB: JVNDB-2020-016012 // CNNVD: CNNVD-202102-817 // NVD: CVE-2020-12386

SOURCES

db:	VULHUB	id:	VHN-165059
db:	JVNDB	id:	JVNDB-2020-016012
db:	CNNVD	id:	CNNVD-202102-817
db:	NVD	id:	CVE-2020-12386

LAST UPDATE DATE

2024-11-23T20:16:49.024000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-165059	date:	2021-02-23T00:00:00
db:	JVNDB	id:	JVNDB-2020-016012	date:	2021-11-01T01:58:00
db:	CNNVD	id:	CNNVD-202102-817	date:	2021-12-06T00:00:00
db:	NVD	id:	CVE-2020-12386	date:	2024-11-21T04:59:37.060

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-165059	date:	2021-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2020-016012	date:	2021-11-01T00:00:00
db:	CNNVD	id:	CNNVD-202102-817	date:	2021-02-09T00:00:00
db:	NVD	id:	CVE-2020-12386	date:	2021-02-17T14:15:16.123