Lucene search

K
cve[email protected]CVE-2019-14612
HistoryDec 16, 2019 - 8:15 p.m.

CVE-2019-14612

2019-12-1620:15:15
CWE-787
web.nvd.nist.gov
34
cve-2019-14612
intel
nuc
firmware
privilege escalation
local access

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.6%

Out of bounds write in firmware for Intel® NUC® may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

NVD
Node
intelnuc_8_mainstream_game_kit_firmwareRange<0036
AND
intelnuc_8_mainstream_game_kitMatch-
Node
intelnuc_8_mainstream_game_mini_computer_firmwareRange<0036
AND
intelnuc_8_mainstream_game_mini_computerMatch-
Node
intelnuc8i7bek_firmwareRange<0077
AND
intelnuc8i7bekMatch-
Node
intelcd1p64gk_firmwareRange<0053
AND
intelcd1p64gkMatch-
Node
intelnuc8i3cysm_firmwareRange<0043
AND
intelnuc8i3cysmMatch-
Node
intelnuc8i7hnk_firmwareRange<0059
AND
intelnuc8i7hnkMatch-
Node
intelnuc7i7dnke_firmwareRange<0067
AND
intelnuc7i7dnkeMatch-
Node
intelnuc7i5dnke_firmwareRange<0067
AND
intelnuc7i5dnkeMatch-
Node
intelnuc7i3dnhe_firmwareRange<0067
AND
intelnuc7i3dnheMatch-
Node
intelstk2mv64cc_firmwareRange<0061
AND
intelstk2mv64ccMatch-
Node
intelstk2m3w64cc_firmwareRange<0062
AND
intelstk2m3w64ccMatch-
Node
intelnuc6i7kyk_firmwareRange<0066
AND
intelnuc6i7kykMatch-
Node
intelnuc6i5syh_firmwareRange<0072
AND
intelnuc6i5syhMatch-
Node
intelnuc7cjyh_firmwareRange<0053
AND
intelnuc7cjyhMatch-
Node
intelcd1m3128mk_firmwareRange<0058
AND
intelcd1m3128mkMatch-
Node
intelcd1iv128mk_firmwareRange<0038
AND
intelcd1iv128mkMatch-
Node
intelnuc6cays_firmwareRange<0064
AND
intelnuc6caysMatch-
Node
intelde3815tybe_firmwareRange<0024
AND
intelde3815tybeMatch-
Node
inteld34010wyb_firmwareRange<0054
AND
inteld34010wybMatch-

CNA Affected

[
  {
    "product": "Intel(R) NUC(R)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "See References"
      }
    ]
  }
]

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

12.6%

Related for CVE-2019-14612