6.7
CVE-2019-14611
- EPSS 0.13%
- Published 16.12.2019 20:15:15
- Last modified 21.11.2024 04:27:02
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Nuc 8 Mainstream Game Kit Firmware Version < 0036
Intel ≫ Nuc 8 Mainstream Game Mini Computer Firmware Version < 0036
Intel ≫ Nuc8i7bek Firmware Version < 0077
Intel ≫ Cd1p64gk Firmware Version < 0053
Intel ≫ Nuc8i3cysm Firmware Version < 0043
Intel ≫ Nuc8i7hnk Firmware Version < 0059
Intel ≫ Nuc7i7dnke Firmware Version < 0067
Intel ≫ Nuc7i5dnke Firmware Version < 0067
Intel ≫ Nuc7i3dnhe Firmware Version < 0067
Intel ≫ Stk2mv64cc Firmware Version < 0061
Intel ≫ Stk2m3w64cc Firmware Version < 0062
Intel ≫ Nuc6i7kyk Firmware Version < 0066
Intel ≫ Nuc6i5syh Firmware Version < 0072
Intel ≫ Nuc7cjyh Firmware Version < 0053
Intel ≫ Cd1m3128mk Firmware Version < 0058
Intel ≫ Cd1iv128mk Firmware Version < 0038
Intel ≫ Nuc6cays Firmware Version < 0064
Intel ≫ De3815tybe Firmware Version < 0024
Intel ≫ D34010wyb Firmware Version < 0054
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.343 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.