11 matches found
CVE-2019-11125
The CVE-2019-11125 family concerns Intel NUC Kit system firmware with multiple local-rights escalation issues. Concrete entries in linked documents (Intel INTEL‑SA‑00264 advisory) enumerate seven CVEs affecting NUC Kit and Compute Card firmware: CVE-2019-11123: Insufficient session validation in ...
CVE-2019-11129
CVE-2019-11129 affects Intel NUC Kit system firmware. Out-of-bounds read/write in firmware may enable a local privileged escalation, DoS, or information disclosure. Intel’s advisory Intel-SA-00264 lists affected NUC models and requires firmware updates (BIOS versions 0071+ for NUC8 series and oth...
CVE-2019-11094
CVE-2019-11094 relates to the Intel NUC Kit system firmware. The issue is an insufficient input validation vulnerability in the NUC firmware that could allow an authenticated local user to escalate privileges, cause a denial of service, or disclose information. Affected are Intel NUC Kit system f...
CVE-2019-11128
The CVE-2019-11128 entry affects Intel® NUC firmware. Root cause: insufficient input validation in system firmware for Intel NUC Kit. Impact: escalation of privilege, denial of service, and/or information disclosure via local access (local attack vector). Intel advisory lists CVSS v3.0 base score...
CVE-2019-11123
CVE-2019-11123 affects Intel NUC Kit/system firmware (e.g., NUC8i3BEx, NUC8i5BEx, NUC8i7BEx, several Compute Cards/NUCs). Root cause: insufficient session validation in the system firmware, enabling a local privileged user to potentially escalate privileges, cause DoS, or disclose information. CV...
CVE-2019-11126
Intel NUC firmware CVE-2019-11126 is a pointer-corruption vulnerability in the system firmware that may allow a local privileged user to escalate privileges, cause DoS, or disclose information. Intel’s advisory (Intel-SA-00264) lists affected devices (various NUC Kit and Compute Card models) and ...
CVE-2019-11124
Intel NUC firmware advisory documents CVE-2019-11123, CVE-2019-11124, CVE-2019-11125, CVE-2019-11126, CVE-2019-11127, CVE-2019-11128, and CVE-2019-11129 describing systemic firmware flaws that may allow a privileged user to escalate privileges, cause DoS, or disclose information via local access....
CVE-2019-11127
CVE-2019-11127 is a buffer overflow in Intel NUC Kit system firmware that could allow a locally privileged user to escalate privileges, cause DoS, or disclose information. Intel’s Intel‑SA‑00264 advisory documents related CVEs (11123, 11124, 11125, 11126, 11127, 11128, 11129) and specifies that m...
CVE-2017-3718
CVE-2017-3718 describes an improper setting of device configuration in Intel NUC system firmware that could allow a privileged user to escalate privileges with physical access. The Intel advisory INTEL-SA-00144 confirms a vulnerability in Intel NUC firmware and lists affected products (e.g., NUC7...
CVE-2019-11140
The CVE-2019-11140 issue affects Intel® NUC system firmware. The root cause is insufficient session validation in the NUC firmware, which could allow a local privileged user to escalate privileges, cause a denial of service, or disclose information. Intel’s advisory (Intel® NUC Advisory, CVE-2019...
CVE-2018-12176
CVE-2018-12176 affects Intel NUC firmware via improper input validation in Intel NUC Kits firmware, potentially allowing a local privileged user to execute arbitrary code, leading to information disclosure, escalation of privilege and/or denial of service. The Intel Intel-SA-00176 advisory confir...