Vulnerability Description
Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access. L-SA-00206
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Rapid Storage Technology Enterprise | < 5.5.0.2015 |
| Lenovo | Thinkstation P520 Firmware | - |
| Lenovo | Thinkstation P520 | - |
| Lenovo | Thinkstation P520C Firmware | - |
| Lenovo | Thinkstation P520C | - |
| Lenovo | Thinkstation P720 Firmware | - |
| Lenovo | Thinkstation P720 | - |
| Lenovo | Thinkstation P920 Firmware | - |
| Lenovo | Thinkstation P920 | - |
Related Weaknesses (CWE)
References
- https://support.lenovo.com/us/en/product_security/LEN-27843Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.Vendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-27843Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.Vendor Advisory
FAQ
What is CVE-2019-0135?
CVE-2019-0135 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege ...
How severe is CVE-2019-0135?
CVE-2019-0135 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0135?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Rapid Storage Technology Enterprise, Lenovo Thinkstation P520 Firmware, Lenovo Thinkstation P520, Lenovo Thinkstation P520C Firmware, Lenovo Thinkstation P520C.