CVE-2018-12220

Vulnerability

A logic bug exists in the kernel-mode driver (KMD) component of the Intel Graphics Driver for Windows, affecting versions prior to 10.18.x.5059 (15.33.x.5059), 10.18.x.5057 (15.36.x.5057), 20.19.x.5063 (15.40.x.5063), 21.20.x.5064 (15.45.x.5064), and version 24.20.100.6373. The bug resides in the driver's internal logic and can be triggered under specific, unspecified conditions by a user with local access to the system [1].

Exploitation

An attacker must have local access to the target system and possess user-level privileges. No user interaction beyond initiating the attack is required; the attacker can run a specially crafted application that interacts with the vulnerable kernel-mode driver. The exact sequence of steps to trigger the bug is not publicly detailed in the available advisories, but the flaw is reachable from user mode [1].

Impact

Successful exploitation grants the attacker the ability to execute arbitrary code in kernel context, which is the highest privilege level on a Windows system. This leads to complete compromise of confidentiality, integrity, and availability, allowing the attacker to install programs, view, change, or delete data, or create new accounts with full user rights [1].

Mitigation

Intel released updated driver versions containing the fix: 10.18.x.5059 (15.33.x.5059), 10.18.x.5057 (15.36.x.5057), 20.19.x.5063 (15.40.x.5063), 21.20.x.5064 (15.45.x.5064), and 24.20.100.6373. Users should update their Intel Graphics Driver to the latest version available from the Intel Download Center or via their system manufacturer [1]. No workarounds are documented in the reference.