CVE-2018-12223 Information

Description

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059) 10.18.x.5057 (aka 15.36.x.5057) 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Reference

https://support.lenovo.com/us/en/product_security/LEN-25084 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

6.3