CVE-2019-18619

high-risk
Published 2020-07-22

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

Do I need to act?

-
0.14% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (20)

Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Vfs75Xx Firmware
Thinkpad 25 Firmware
Thankpad A475 Firmware
Thankpad A485 Firmware

Affected Vendors

Hp Lenovo Synaptics

References (10)

Patch https://support.hp.com/hk-en/document/c06696568
Patch https://support.lenovo.com/us/en/product_security/LEN-31372
Vendor Advisory https://www.synaptics.com/company/blog/
Vendor Advisory https://www.synaptics.com/sites/default/files/fingerprint-driver-SGX-security-br...
Vendor Advisory https://www.syssec.wiwi.uni-due.de/en/research/research-projects/analysis-of-tee...
Patch https://support.hp.com/hk-en/document/c06696568
Patch https://support.lenovo.com/us/en/product_security/LEN-31372
Vendor Advisory https://www.synaptics.com/company/blog/
Vendor Advisory https://www.synaptics.com/sites/default/files/fingerprint-driver-SGX-security-br...
Vendor Advisory https://www.syssec.wiwi.uni-due.de/en/research/research-projects/analysis-of-tee...
57
/ 100
high-risk
Severity 24/34 · High
Exploitability 1/34 · Minimal
Exposure 32/34 · Critical