CVE & CISA-KEV Catalog

CVE-2019-18619

HIGH
7.8
CVSS v3
NVD

Description

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

How to fix

Remediation Available
envy - 13t-ah100 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy - 13t-aq100 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy - 17t-bw000 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy - 17t-ce000 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy - 17t-ce100 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 13-ah0xxx firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 13-ah1xxx firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 13-aq0xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 13-aq1xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 15-cn0xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 15-cn1xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 15-dr0xxx x360 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy 15-dr0xxx x360 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 15-dr1xxx x360 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy 15-dr1xxx x360 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 15m-cn0xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 15m-dr0xxx x360 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy 15m-dr0xxx x360 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 15m-dr1xxx x360 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy 15m-dr1xxx x360 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 17-bw0xxx firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 17-ce0xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 17-ce1xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 17m-bw0xxx firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy 17m-ce0xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy 17m-ce1xxx firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy x360 - 15t-cn000 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
envy x360 - 15t-dr000 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy x360 - 15t-dr000 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
envy x360 - 15t-dr100 \(validity fps\) firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy x360 - 15t-dr100 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
pavilion 14-cd1xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14-cd2xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14-dh0xxx x360 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion 14m-cd0xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14m-dh0xxx x360 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion 15 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 - 14t-cd000 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion x360 - 15t-dq000 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 - 15t-dq100 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 14t-cd100 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion x360 14t-dh000 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
spectre x360 firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
thankpad a475 firmwareNVD
Affected:< 5.02.3539.0026Fixed in:5.02.3539.0026CVE-2019-18619derived from NVD
thankpad a485 firmwareNVD
Affected:< 5.03.3542.0026Fixed in:5.03.3542.0026CVE-2019-18619derived from NVD
thinkpad 25 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad a275 firmwareNVD
Affected:< 5.2.3535.26Fixed in:5.2.3535.26CVE-2019-18619derived from NVD
thinkpad e480 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e485 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e490 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e490s firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e580 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e585 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e590 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad l480 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad l580 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p1 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p1 gen 2 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p43s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p50 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad p51 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20kx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p52 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p52s firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p53 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p53s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p70 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad p71 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p72 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p73 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad r490 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad r590 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad s1 3rd firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad s3 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad t25 \(20k7\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t460p firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad t460s firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad t470 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470 \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470p firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470s \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470s \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t480 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t480s firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t490 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad t490s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad t570\(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t570 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t580 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t590 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x1 carbon \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x1 carbon \(20kx\) firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 carbon firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x1 extreme 2nd firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x1 extreme firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 tablet \(20jx\) firmwareNVD
Affected:< 5.2.227.26Fixed in:5.2.227.26CVE-2019-18619derived from NVD
thinkpad x1 tablet firmwareNVD
Affected:< 5.5.40.1058Fixed in:5.5.40.1058CVE-2019-18619derived from NVD
thinkpad x1 yoga 3rd gen firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 yoga 4th gen firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x1 yoga \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x1 yoga firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x270 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x280 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x380 yoga firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x390 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x390 yoga firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad yoga 260 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad yoga 370 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad yoga s1 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.47%probability of exploitation in 30 days
37thpercentile

Low risk: more likely to be exploited than 37% of all known CVEs.

References

Embed a live status badge for CVE-2019-18619
CVE-2019-18619 severity badge

Markdown

[![CVE-2019-18619](https://tridentstack.com/cve/badge/CVE-2019-18619.svg)](https://tridentstack.com/cve/CVE-2019-18619)

HTML

<a href="https://tridentstack.com/cve/CVE-2019-18619"><img src="https://tridentstack.com/cve/badge/CVE-2019-18619.svg" alt="CVE-2019-18619"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.