Skip to main content

Computing Improvement Program CVE-2019-11162

HIGH
2019-08-19 secure@intel.com
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 19, 2019 - 17:15 nvd
HIGH 7.8

DescriptionNVD

Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

AnalysisAI

Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access. Affected products include: Intel Computing Improvement Program. Version information: version 2.4.0.04733.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-0074 HIGH
7.8 Jun 09

Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 ma

CVE-2021-0052 HIGH
7.8 Jun 09

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenti

CVE-2020-8736 HIGH
7.8 Aug 13

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an

CVE-2018-12168 HIGH
7.8 Sep 12

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an

CVE-2024-36482 HIGH
7.1 Nov 13

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentia

CVE-2020-12308 MEDIUM
6.5 Nov 12

Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged

CVE-2024-36276 MEDIUM
5.4 Nov 13

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user t

CVE-2025-24863 MEDIUM
6.0 Nov 11

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appl

CVE-2025-24862 LOW
2.0 Nov 11

Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within

CVE-2025-24847 MEDIUM
5.7 Nov 11

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applicat

CVE-2025-24838 HIGH
7.7 Nov 11

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appl

CVE-2025-24834 MEDIUM
6.0 Nov 11

Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appli

Share

CVE-2019-11162 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy