CVE-2019-11120 : What You Need to Know
Learn about CVE-2019-11120 affecting Intel(R) Active System Console before version 8.0 Build 24. Find out how an authenticated user could exploit local access to escalate privileges.
Intel(R) Active System Console prior to version 8.0 Build 24 is vulnerable to an escalation of privilege due to insufficient path verification during installation.
Understanding CVE-2019-11120
The vulnerability in Intel(R) Active System Console could allow a logged-in user to exploit local access and gain escalated privileges.
What is CVE-2019-11120?
The installer for Intel(R) Active System Console before version 8.0 Build 24 lacks adequate path verification, enabling an authenticated user to potentially escalate privileges via local access.
The Impact of CVE-2019-11120
This vulnerability could be exploited by a logged-in user to gain escalated privileges on the affected system.
Technical Details of CVE-2019-11120
Vulnerability Description
- Insufficient path checking in the installer for Intel(R) Active System Console before version 8.0 Build 24
Affected Systems and Versions
- Product: Active System Console Advisory
- Vendor: Intel(R)
- Versions Affected: Before version 8.0 Build 24
Exploitation Mechanism
- An authenticated user could exploit local access to enable escalation of privilege.
Mitigation and Prevention
Immediate Steps to Take
- Update Intel(R) Active System Console to version 8.0 Build 24 or later
- Monitor system logs for any unauthorized privilege escalations
Long-Term Security Practices
- Regularly review and update system security configurations
- Implement the principle of least privilege to restrict user access
Patching and Updates
- Apply security patches and updates provided by Intel(R) to address this vulnerability