CVE-2019-14610
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected (19)
Products: Intel: Nuc 8 Mainstream Game Kit Firmware, Nuc 8 Mainstream Game Mini Computer Firmware, Nuc8i7bek Firmware, Cd1p64gk Firmware, Nuc8i3cysm Firmware, Nuc8i7hnk Firmware, Nuc7i7dnke Firmware, Nuc7i5dnke Firmware, Nuc7i3dnhe Firmware, Stk2mv64cc Firmware, Stk2m3w64cc Firmware, Nuc6i7kyk Firmware, Nuc6i5syh Firmware, Nuc7cjyh Firmware, Cd1m3128mk Firmware, Cd1iv128mk Firmware, Nuc6cays Firmware, De3815tybe Firmware, D34010wyb Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0036 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc 8 Mainstream Game Kit | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0036 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc 8 Mainstream Game Mini Computer | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0077 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc8i7bek | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0053 |
| Running on/with | Platform Versions |
|---|---|
Intel Cd1p64gk | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0043 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc8i3cysm | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0059 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc8i7hnk | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0067 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc7i7dnke | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0067 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc7i5dnke | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0067 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc7i3dnhe | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0061 |
| Running on/with | Platform Versions |
|---|---|
Intel Stk2mv64cc | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0062 |
| Running on/with | Platform Versions |
|---|---|
Intel Stk2m3w64cc | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0066 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc6i7kyk | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0072 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc6i5syh | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0053 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc7cjyh | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0058 |
| Running on/with | Platform Versions |
|---|---|
Intel Cd1m3128mk | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0038 |
| Running on/with | Platform Versions |
|---|---|
Intel Cd1iv128mk | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0064 |
| Running on/with | Platform Versions |
|---|---|
Intel Nuc6cays | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0024 |
| Running on/with | Platform Versions |
|---|---|
Intel De3815tybe | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 0054 |
| Running on/with | Platform Versions |
|---|---|
Intel D34010wyb | All versions |
References (2)
Source: secure@intel.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.