CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2017-5717 – Intel Content Protection HECI Service - Type Confusion Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-5717
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Confusión de tipos en Content Protection HECI Service en Intel Graphics Driver permite que usuarios sin privilegios eleven privilegios mediante acceso local. The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges. • https://www.exploit-db.com/exploits/43373 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-5647
https://notcve.org/view.php?id=CVE-2016-5647
The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash) or gain privileges via a crafted D3DKMTEscape request. El módulo igdkmd64 en el Intel Graphics Driver hasta la versión 15.33.42.435, 15.36.x hasta la versión 15.36.30.4385 y 15.40.x hasta la versión 15.40.4404 en Windows pernute a usuarios locales provocar una denegación de servicio (caída) u obtener privilegios a través de una petición D3DKMTEscape manipulada. • http://www.securityfocus.com/bid/91708 http://www.talosintelligence.com/reports/TALOS-2016-0087 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00054&languageid=en-fr https://support.lenovo.com/us/en/product_security/ps500068 • CWE-264: Permissions, Privileges, and Access Controls •