CVE-2019-14557

EPSS 0.14%
Published 05.10.2020 14:15:12
Last modified 21.11.2024 04:26:57
Source secure@intel.com
Teams watchlist Login
Open Login

Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Bios Version-

   Intel ≫ Celeron 4205u Version-
   Intel ≫ Celeron 4305u Version-
   Intel ≫ Celeron 4305ue Version-
   Intel ≫ Celeron 5205u Version-
   Intel ≫ Celeron 5305u Version-
   Intel ≫ Core I3 8100 Version-
   Intel ≫ Core I3 8100f Version-
   Intel ≫ Core I3 8100t Version-
   Intel ≫ Core I3 8300 Version-
   Intel ≫ Core I3 8300t Version-
   Intel ≫ Core I3 8350k Version-
   Intel ≫ Core I3 9100 Version-
   Intel ≫ Core I3 9100f Version-
   Intel ≫ Core I3 9100t Version-
   Intel ≫ Core I3 9300 Version-
   Intel ≫ Core I3 9300t Version-
   Intel ≫ Core I3 9320 Version-
   Intel ≫ Core I3 9350k Version-
   Intel ≫ Core I3 9350kf Version-
   Intel ≫ Core I5 8400 Version-
   Intel ≫ Core I5 8400t Version-
   Intel ≫ Core I5 8500 Version-
   Intel ≫ Core I5 8500t Version-
   Intel ≫ Core I5 8600 Version-
   Intel ≫ Core I5 8600k Version-
   Intel ≫ Core I5 8600t Version-
   Intel ≫ Core I5 9400 Version-
   Intel ≫ Core I5 9400f Version-
   Intel ≫ Core I5 9400t Version-
   Intel ≫ Core I5 9500 Version-
   Intel ≫ Core I5 9500f Version-
   Intel ≫ Core I5 9500t Version-
   Intel ≫ Core I5 9600 Version-
   Intel ≫ Core I5 9600k Version-
   Intel ≫ Core I5 9600kf Version-
   Intel ≫ Core I5 9600t Version-
   Intel ≫ Core I7 1060g7 Version-
   Intel ≫ Core I7 1060ng7 Version-
   Intel ≫ Core I7 1065g7 Version-
   Intel ≫ Core I7 1068ng7 Version-
   Intel ≫ Core I7 8086k Version-
   Intel ≫ Core I7 8700 Version-
   Intel ≫ Core I7 8700k Version-
   Intel ≫ Core I7 8700t Version-
   Intel ≫ Core I7 9700 Version-
   Intel ≫ Core I7 9700f Version-
   Intel ≫ Core I7 9700k Version-
   Intel ≫ Core I7 9700kf Version-
   Intel ≫ Core I7 9700t Version-
   Intel ≫ Core I9 9900 Version-
   Intel ≫ Core I9 9900k Version-
   Intel ≫ Core I9 9900kf Version-
   Intel ≫ Core I9 9900ks Version-
   Intel ≫ Core I9 9900t Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.14%	0.311

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8	2.1	5.9	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5.2	5.1	6.4	AV:A/AC:L/Au:S/C:P/I:P/A:P

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-14557

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-14557

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-14557

EUVD