All the vulnerabilites related to intel - compute_card_cd1m3128mk
cve-2019-11125
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.281Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:46:52",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11125",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11125",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.281Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11128
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
https://www.intel.com/content/www/us/en/security-center/advisory/inx_refsource_MISC
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:48:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11128",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/in",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11128",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-3718
Vulnerability from cvelistv5
Published
2019-01-10 20:00
Modified
2024-10-02 16:25
Severity ?
Summary
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-3718",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T15:56:39.067860Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T16:25:44.107Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple versions."
            }
          ]
        }
      ],
      "datePublic": "2019-01-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-10T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "DATE_PUBLIC": "2019-01-08T00:00:00",
          "ID": "CVE-2017-3718",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple versions."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2017-3718",
    "datePublished": "2019-01-10T20:00:00Z",
    "dateReserved": "2016-12-06T00:00:00",
    "dateUpdated": "2024-10-02T16:25:44.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11123
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:07.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:45:51",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11123",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11123",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:07.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11129
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.168Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-20T22:17:03",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11129",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11129",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12176
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 19:47
Severity ?
Summary
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:58.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Kits and Intel(R) Compute Cards",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."
            }
          ]
        }
      ],
      "datePublic": "2018-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege, Denial of Service, Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-12T18:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-09-11T00:00:00",
          "ID": "CVE-2018-12176",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Kits and Intel(R) Compute Cards",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege, Denial of Service, Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12176",
    "datePublished": "2018-09-12T19:00:00Z",
    "dateReserved": "2018-06-11T00:00:00",
    "dateUpdated": "2024-09-16T19:47:25.259Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11127
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:47:42",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11127",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11127",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11126
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:07.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:47:17",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11126",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:07.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11124
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-04 22:48
Severity ?
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/108766vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:48:08.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) NUC Firmware",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Please see reference document."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege, denial of service and/or information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-24T15:46:16",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
        },
        {
          "name": "108766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108766"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11124",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) NUC Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Please see reference document."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "escalation of privilege, denial of service and/or information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            },
            {
              "name": "108766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108766"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11124",
    "datePublished": "2019-06-13T15:36:25",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:48:08.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/inVendor Advisory
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/inVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Validaci\u00f3n de entrada insuficiente en sistema firmware para Inte(R) NUC Kit puede permitir a un usuario privilegiado habilitar el aumento de denegaci\u00f3n de servicio y/o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11128",
  "lastModified": "2024-11-21T04:20:35.003",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.543",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "La corrupci\u00f3n del puntero en el firmware del sistema para el kit Intel (R) NUC puede permitir que un usuario privilegiado habilite potencialmente un aumento  de privilegios, la denegaci\u00f3n de servicio y / o la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11126",
  "lastModified": "2024-11-21T04:20:34.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.467",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-01-10 20:29
Modified
2024-11-21 03:26
Severity ?
6.2 (Medium) - CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
References
secalert_us@oracle.comhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.htmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_d33217gke -
intel nuc_kit_d53427rke -
intel nuc_kit_d54250wyb -
intel nuc_kit_de3815tybe -
intel nuc_kit_dn2820fykh -
intel nuc_kit_nuc5cpyh -
intel nuc_kit_nuc5i3myhe -
intel nuc_kit_nuc5i5myhe -
intel nuc_kit_nuc5i7ryh -
intel nuc_kit_nuc5pgyh -
intel nuc_kit_nuc6cays -
intel nuc_kit_nuc6i5syh -
intel nuc_kit_nuc6i7kyk -
intel nuc_kit_nuc7cjyh -
intel nuc_kit_nuc7i3dnhe -
intel nuc_kit_nuc7i5dnke -
intel nuc_kit_nuc7i7bnh -
intel nuc_kit_nuc7i7dnke -
intel nuc_kit_nuc8i7hnk -
intel compute_card_firmware -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stk1aw32sc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8B7517-4313-4DA8-953E-B36279157FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n incorrecta de las opciones del dispositivo en el firmware del sistema para los kits Intel(R) NUC podr\u00eda permitir que un usuario privilegiado pueda habilitar el escalado de privilegios mediante acceso f\u00edsico."
    }
  ],
  "id": "CVE-2017-3718",
  "lastModified": "2024-11-21T03:26:01.080",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-01-10T20:29:00.237",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 03:44
Severity ?
8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
References
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.htmlVendor Advisory
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_d33217gke -
intel nuc_kit_d53427rke -
intel nuc_kit_d54250wyb -
intel nuc_kit_de3815tybe -
intel nuc_kit_dn2820fykh -
intel nuc_kit_nuc5cpyh -
intel nuc_kit_nuc5i3myhe -
intel nuc_kit_nuc5i5myhe -
intel nuc_kit_nuc5i7ryh -
intel nuc_kit_nuc5pgyh -
intel nuc_kit_nuc6cays -
intel nuc_kit_nuc6i5syh -
intel nuc_kit_nuc6i7kyk -
intel nuc_kit_nuc7cjyh -
intel nuc_kit_nuc7i3dnhe -
intel nuc_kit_nuc7i5dnke -
intel nuc_kit_nuc7i7bnh -
intel nuc_kit_nuc7i7dnke -
intel nuc_kit_nuc8i7hnk -
intel compute_card_firmware -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stk1aw32sc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8B7517-4313-4DA8-953E-B36279157FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
    },
    {
      "lang": "es",
      "value": "Validaci\u00f3n de entradas incorrecta en el firmware para Intel NUC Kits podr\u00eda permitir que un usuario privilegiado ejecute c\u00f3digo arbitrario, lo que resulta en una divulgaci\u00f3n de informaci\u00f3n, escalado de privilegios y/o una denegaci\u00f3n de servicio (DoS) mediante acceso local."
    }
  ],
  "id": "CVE-2018-12176",
  "lastModified": "2024-11-21T03:44:42.123",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-12T19:29:02.247",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Una validaci\u00f3n de sesi\u00f3n insuficiente en system firmware para Inte(R) NUC Kit puede permitir a usuario privilegiado para habilitar potencialmente un aumento de de privilegios, denegaci\u00f3n de servicio, y/o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s de acceso local."
    }
  ],
  "id": "CVE-2019-11123",
  "lastModified": "2024-11-21T04:20:34.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.357",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento en el Buffer en el system Firmware para Inte(R) NUC KIT puede permitir a un usuario privilegiado habilitar potencialmente un aumento de denegaci\u00f3n de servicio y/o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local"
    }
  ],
  "id": "CVE-2019-11127",
  "lastModified": "2024-11-21T04:20:34.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.497",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "El software de lectura / escritura fuera del enlace para el kit Intel (R) NUC puede permitir a un usuario privilegiado habilitar potencialmente el aumento de privilegios, la denegaci\u00f3n de servicio y / o la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local"
    }
  ],
  "id": "CVE-2019-11124",
  "lastModified": "2024-11-21T04:20:34.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.387",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Una validaci\u00f3n de entrada insuficiente en system firmware para Intel(R) NUC Kit puede permitir a un usuario privilegiado habilitar potencialmente un aumento de privilegio, denegaci\u00f3n , de servicio, y/o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11125",
  "lastModified": "2024-11-21T04:20:34.643",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.420",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 04:20
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
secure@intel.comhttp://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
secure@intel.comhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.govhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108766Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
Vendor Product Version
intel nuc_kit_firmware -
intel nuc_kit_nuc8i3bex -
intel nuc_kit_nuc8i3bex nuc_kit_d34010wyx
intel nuc_kit_nuc8i3bex nuc_kit_d54250wyx
intel nuc_kit_nuc8i3bex nuc_kit_de3815tyb
intel nuc_kit_nuc8i3bex nuc_kit_dn2820fykh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5cpyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i3ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5myx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i5ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5i7ryx
intel nuc_kit_nuc8i3bex nuc_kit_nuc5pgyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc5ppyh
intel nuc_kit_nuc8i3bex nuc_kit_nuc6cayx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i3syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i5syx
intel nuc_kit_nuc8i3bex nuc_kit_nuc6i7kyk
intel nuc_kit_nuc8i3bex nuc_kit_nuc7cjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i3dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i5dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7bnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7i7dnx
intel nuc_kit_nuc8i3bex nuc_kit_nuc7pjy
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i3cyx
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i5bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7bex
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hnk
intel nuc_kit_nuc8i3bex nuc_kit_nuc8i7hvk
intel compute_card_firmware -
intel compute_card_cd1c64gk -
intel compute_card_cd1iv128mk -
intel compute_card_cd1m3128mk -
intel compute_card_cd1p64gk -
intel compute_stick_firmware -
intel compute_stick_stck1a32wfc -
intel compute_stick_stck1a8lfc -
intel compute_stick_stk2m364cc -
intel compute_stick_stk2m3w64cc -
intel compute_stick_stk2mv64cc -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "el software  lectura/escritura Fuera del l\u00edmite en system firmware para InteI NUC Kit puede permitir a un usuario privilegiado habilitar potencialmente un amento  de privilegios de denegaci\u00f3n de servicio y / o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11129",
  "lastModified": "2024-11-21T04:20:35.123",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.577",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}