Rewterz Threat Advisory – CVE-2019-11634 – Citrix Workspace / Receiver for Windows Remote Code Execution Vulnerability
May 16, 2019Rewterz Threat Advisory – CVE-2019-11085 – Linux Kernel Intel i915 Graphics Driver Privilege Escalation Vulnerability
May 17, 2019Rewterz Threat Advisory – CVE-2019-11634 – Citrix Workspace / Receiver for Windows Remote Code Execution Vulnerability
May 16, 2019Rewterz Threat Advisory – CVE-2019-11085 – Linux Kernel Intel i915 Graphics Driver Privilege Escalation Vulnerability
May 17, 2019Severity
Medium
Analysis Summary
The Intel Driver & Support Assistant Software, which allows users to update their drivers and software on Intel-based machines – suffers from a number of logic based issues which result in both arbitrary file read and write as SYSTEM. This can be exploited by a low privileged local attacker to achieve local privilege escalation.
Impact
Privilege escalation
Affected Vendors
Intel
Affected Products
Intel Driver Support & Assistance prior to version 19.4.18
Remediation
Upgrade Intel DSA version 19.4.18, or newer.