First published: Wed Dec 18 2019(Updated: )
Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel Trusted Execution Engine Firmware | >=3.0<3.1.70 | |
Intel Trusted Execution Engine Firmware | >=4.0<4.0.20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-11097 is a vulnerability in the installer for Intel(R) Management Engine Consumer Driver for Windows that allows an authenticated user to potentially enable escalation of privileges.
The severity of CVE-2019-11097 is high, with a CVSS score of 7.8.
The affected software versions are Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10, and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20.
An authenticated user can potentially enable escalation of privileges by exploiting CVE-2019-11097.
More information about CVE-2019-11097 can be found on the Intel Security Advisory website at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html.