Lucene search

K
cve[email protected]CVE-2019-14611
HistoryDec 16, 2019 - 8:15 p.m.

CVE-2019-14611

2019-12-1620:15:15
CWE-190
web.nvd.nist.gov
25
firmware
integer overflow
cve-2019-14611
intel(r) nuc(r)
nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

Integer overflow in firmware for Intel® NUC® may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

NVD
Node
intelnuc_8_mainstream_game_kit_firmwareRange<0036
AND
intelnuc_8_mainstream_game_kitMatch-
Node
intelnuc_8_mainstream_game_mini_computer_firmwareRange<0036
AND
intelnuc_8_mainstream_game_mini_computerMatch-
Node
intelnuc8i7bek_firmwareRange<0077
AND
intelnuc8i7bekMatch-
Node
intelcd1p64gk_firmwareRange<0053
AND
intelcd1p64gkMatch-
Node
intelnuc8i3cysm_firmwareRange<0043
AND
intelnuc8i3cysmMatch-
Node
intelnuc8i7hnk_firmwareRange<0059
AND
intelnuc8i7hnkMatch-
Node
intelnuc7i7dnke_firmwareRange<0067
AND
intelnuc7i7dnkeMatch-
Node
intelnuc7i5dnke_firmwareRange<0067
AND
intelnuc7i5dnkeMatch-
Node
intelnuc7i3dnhe_firmwareRange<0067
AND
intelnuc7i3dnheMatch-
Node
intelstk2mv64cc_firmwareRange<0061
AND
intelstk2mv64ccMatch-
Node
intelstk2m3w64cc_firmwareRange<0062
AND
intelstk2m3w64ccMatch-
Node
intelnuc6i7kyk_firmwareRange<0066
AND
intelnuc6i7kykMatch-
Node
intelnuc6i5syh_firmwareRange<0072
AND
intelnuc6i5syhMatch-
Node
intelnuc7cjyh_firmwareRange<0053
AND
intelnuc7cjyhMatch-
Node
intelcd1m3128mk_firmwareRange<0058
AND
intelcd1m3128mkMatch-
Node
intelcd1iv128mk_firmwareRange<0038
AND
intelcd1iv128mkMatch-
Node
intelnuc6cays_firmwareRange<0064
AND
intelnuc6caysMatch-
Node
intelde3815tybe_firmwareRange<0024
AND
intelde3815tybeMatch-
Node
inteld34010wyb_firmwareRange<0054
AND
inteld34010wybMatch-

CNA Affected

[
  {
    "product": "Intel(R) NUC(R)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "See References"
      }
    ]
  }
]

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

Related for CVE-2019-14611