1. Home
  2. CVE Database
  3. CVE-2019-19705
HIGH · 7.8

CVE-2019-19705

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo pr...

Vulnerability Description

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
LenovoIdeacentre 510-15Ikl Firmware< 6.0.8923.1
LenovoIdeacentre 510-15Ikl-
LenovoIdeacentre 510S-08Ikl Firmware< 6.0.8923.1
LenovoIdeacentre 510S-08Ikl-
LenovoIdeacentre 300S-11Ish Firmware< 6.0.8924.1
LenovoIdeacentre 300S-11Ish-
LenovoIdeacentre 310-15Asr Firmware< 6.0.8924.1
LenovoIdeacentre 310-15Asr-
LenovoIdeacentre 310-15Iap Firmware< 6.0.8924.1
LenovoIdeacentre 310-15Iap-
LenovoIdeacentre 310A-15Iap Firmware< 6.0.8924.1
LenovoIdeacentre 310A-15Iap-
LenovoIdeacentre 310S-08Iap Firmware< 6.0.8924.1
LenovoIdeacentre 310S-08Iap-
LenovoIdeacentre 510-15Abr Firmware< 6.0.8924.1
LenovoIdeacentre 510-15Abr-
LenovoIdeacentre 510S-08Ish Firmware< 6.0.8924.1
LenovoIdeacentre 510S-08Ish-
LenovoIdeacentre 610S-02Ish Firmware< 6.0.8924.1
LenovoIdeacentre 610S-02Ish-

Related Weaknesses (CWE)

CWE-428

References

FAQ

What is CVE-2019-19705?

CVE-2019-19705 is a vulnerability with a CVSS score of 7.8 (HIGH). Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo pr...

How severe is CVE-2019-19705?

CVE-2019-19705 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-19705?

Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Ideacentre 510-15Ikl Firmware, Lenovo Ideacentre 510-15Ikl, Lenovo Ideacentre 510S-08Ikl Firmware, Lenovo Ideacentre 510S-08Ikl, Lenovo Ideacentre 300S-11Ish Firmware.