Main Vulnerability Database SB2021061615

SB2021061615 - Multiple vulnerabilities in Intel RealSense ID

Published: June 16, 2021

Security Bulletin ID SB2021061615

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Protection Mechanism Failure (CVE-ID: CVE-2020-24515)

The vulnerability allows a local attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker with physical access can bypass implemented security restrictions and elevate privileges on the system.

2) Improper Authentication (CVE-ID: CVE-2020-24514)

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain elevated privileges on the system.

Remediation

Install update from vendor's website.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html