10 matches found
CVE-2019-11125
The CVE-2019-11125 family concerns Intel NUC Kit system firmware with multiple local-rights escalation issues. Concrete entries in linked documents (Intel INTEL‑SA‑00264 advisory) enumerate seven CVEs affecting NUC Kit and Compute Card firmware: CVE-2019-11123: Insufficient session validation in ...
CVE-2019-11129
CVE-2019-11129 affects Intel NUC Kit system firmware. Out-of-bounds read/write in firmware may enable a local privileged escalation, DoS, or information disclosure. Intel’s advisory Intel-SA-00264 lists affected NUC models and requires firmware updates (BIOS versions 0071+ for NUC8 series and oth...
CVE-2019-11128
The CVE-2019-11128 entry affects Intel® NUC firmware. Root cause: insufficient input validation in system firmware for Intel NUC Kit. Impact: escalation of privilege, denial of service, and/or information disclosure via local access (local attack vector). Intel advisory lists CVSS v3.0 base score...
CVE-2019-11123
CVE-2019-11123 affects Intel NUC Kit/system firmware (e.g., NUC8i3BEx, NUC8i5BEx, NUC8i7BEx, several Compute Cards/NUCs). Root cause: insufficient session validation in the system firmware, enabling a local privileged user to potentially escalate privileges, cause DoS, or disclose information. CV...
CVE-2019-11126
Intel NUC firmware CVE-2019-11126 is a pointer-corruption vulnerability in the system firmware that may allow a local privileged user to escalate privileges, cause DoS, or disclose information. Intel’s advisory (Intel-SA-00264) lists affected devices (various NUC Kit and Compute Card models) and ...
CVE-2019-11124
Intel NUC firmware advisory documents CVE-2019-11123, CVE-2019-11124, CVE-2019-11125, CVE-2019-11126, CVE-2019-11127, CVE-2019-11128, and CVE-2019-11129 describing systemic firmware flaws that may allow a privileged user to escalate privileges, cause DoS, or disclose information via local access....
CVE-2019-11127
CVE-2019-11127 is a buffer overflow in Intel NUC Kit system firmware that could allow a locally privileged user to escalate privileges, cause DoS, or disclose information. Intel’s Intel‑SA‑00264 advisory documents related CVEs (11123, 11124, 11125, 11126, 11127, 11128, 11129) and specifies that m...
CVE-2017-3718
CVE-2017-3718 describes an improper setting of device configuration in Intel NUC system firmware that could allow a privileged user to escalate privileges with physical access. The Intel advisory INTEL-SA-00144 confirms a vulnerability in Intel NUC firmware and lists affected products (e.g., NUC7...
CVE-2019-11140
The CVE-2019-11140 issue affects Intel® NUC system firmware. The root cause is insufficient session validation in the NUC firmware, which could allow a local privileged user to escalate privileges, cause a denial of service, or disclose information. Intel’s advisory (Intel® NUC Advisory, CVE-2019...
CVE-2018-12176
CVE-2018-12176 affects Intel NUC firmware via improper input validation in Intel NUC Kits firmware, potentially allowing a local privileged user to execute arbitrary code, leading to information disclosure, escalation of privilege and/or denial of service. The Intel Intel-SA-00176 advisory confir...