A potential security vulnerability in multiple Intel® processors may allow escalation of privilege, denial of service, and/or information disclosure.** **Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2019-14607
Description: Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Datacenter Microprocessors
2nd Generation Intel® Xeon® Scalable Processor
Intel® Xeon® Scalable Processor
Intel® Xeon® D Processors
Intel® Xeon® W Processors
8th and 9th Generation Intel® Core™ i9
Client and Xeon E3 Microprocessors
Intel® Xeon® Processor E3 v5 & v6 Family
Intel® Xeon® E Processor
6th Generation Intel® Core™ Processors
7th Generation Intel® Core™ Processors
8th Generation Intel® Core™ Processor Family
9th Generation Intel® Core™ Processors Family
10th Generation Intel® Core™ Processor Family
Intel recommends that users of Intel® Processors listed above** **update to the latest firmware version provided by the system manufacturer that addresses these issues.__
The following issue was found internally by Intel.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.