cvelistv5 - cve-2019-11094

cve-2019-11094

Vulnerability from cvelistv5

Published

2019-05-17 15:41

Modified

2024-08-04 22:40

Severity ?

Summary

References

▼	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html	Not Applicable
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html	Not Applicable

Impacted products

Vendor

Product

Version

▼

n/a

Intel (R) NUC

Version: Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:16.357Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel (R) NUC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-17T15:41:37",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11094",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel (R) NUC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11094",
    "datePublished": "2019-05-17T15:41:37",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:40:16.357Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71AA56A6-EB26-4A62-83EC-6961BC24D4DA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02BFB59F-D932-43E5-9A41-3AE3A9047DCE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"412647D8-EA12-4EE6-A2D3-71DDFD963BF4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8DB94BE-7F38-4029-954E-EFE1AC614798\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F83FBC94-6D65-4A44-992D-2A5AECC59E49\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"738AD9B2-1055-42D0-8D16-205340BE3BE7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EB62714-4F2E-4980-9898-BBC4B06085F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB5226BE-680C-4915-AB23-EABC588DCC0B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03D56B57-D4CD-47E9-AE86-B1307D3609B7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A261B82-5F54-4556-B1D1-53F0CFDF1830\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3892CA36-86BF-4861-8C32-657212EABC92\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CC80B8F-D912-40D3-90AF-00DDF6A91AED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"573F0989-6A34-4595-A298-EA1B88C61BD9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3143ABA5-9741-4CD2-AB9A-A7600EA6E32F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EF7E820-8567-4E9A-8247-5E1665FFF8BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0DE3105-8418-4CA3-80B0-5EE4E394D58F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DFDFEB2-B10D-489E-B51C-10FA84E65858\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"244CD6EC-780A-405E-8CFA-666A666FF7D5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"La validaci\\u00f3n de entrada insuficiente en el firmware del sistema para Intel (R) NUC Kit puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios, la denegaci\\u00f3n de servicio y/o la divulgaci\\u00f3n de informaci\\u00f3n mediante un acceso local.\"}]",
      "id": "CVE-2019-11094",
      "lastModified": "2024-11-21T04:20:31.577",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-05-17T16:29:03.187",
      "references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11094\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-05-17T16:29:03.187\",\"lastModified\":\"2024-11-21T04:20:31.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"La validaci\u00f3n de entrada insuficiente en el firmware del sistema para Intel (R) NUC Kit puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios, la denegaci\u00f3n de servicio y/o la divulgaci\u00f3n de informaci\u00f3n mediante un acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71AA56A6-EB26-4A62-83EC-6961BC24D4DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02BFB59F-D932-43E5-9A41-3AE3A9047DCE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"412647D8-EA12-4EE6-A2D3-71DDFD963BF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DB94BE-7F38-4029-954E-EFE1AC614798\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F83FBC94-6D65-4A44-992D-2A5AECC59E49\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AD9B2-1055-42D0-8D16-205340BE3BE7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB62714-4F2E-4980-9898-BBC4B06085F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB5226BE-680C-4915-AB23-EABC588DCC0B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D56B57-D4CD-47E9-AE86-B1307D3609B7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A261B82-5F54-4556-B1D1-53F0CFDF1830\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3892CA36-86BF-4861-8C32-657212EABC92\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC80B8F-D912-40D3-90AF-00DDF6A91AED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"573F0989-6A34-4595-A298-EA1B88C61BD9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3143ABA5-9741-4CD2-AB9A-A7600EA6E32F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF7E820-8567-4E9A-8247-5E1665FFF8BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0DE3105-8418-4CA3-80B0-5EE4E394D58F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DFDFEB2-B10D-489E-B51C-10FA84E65858\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"244CD6EC-780A-405E-8CFA-666A666FF7D5\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]}]}}"
  }
}

gsd-2019-11094

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2019-11094

Aliases

CVE-2019-11094

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11094",
    "description": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.",
    "id": "GSD-2019-11094"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11094"
      ],
      "details": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.",
      "id": "GSD-2019-11094",
      "modified": "2023-12-13T01:24:02.650537Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11094",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel (R) NUC",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11094"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
              "refsource": "MISC",
              "tags": [
                "Not Applicable"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-05-21T14:35Z",
      "publishedDate": "2019-05-17T16:29Z"
    }
  }
}

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. The vulnerability stems from the failure of the network system or product to properly validate the input data

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1250",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nuc kit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "acu wizard",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "active management technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "converged security management engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "driver and support assistant",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "dynamic application loader",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "i915",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc board nuc7i7dnbe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i5dnhe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i7dnhe",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i7dnke",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc8i7hnk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc8i7hvk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "proset/wireless software driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "quartus ii programmer and tools",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "server platform services",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "trusted execution engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "intel",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "quartus prime",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "scs discovery utility",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "unite client",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "graphics driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      }
    ]
  },
  "cve": "CVE-2019-11094",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-11094",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-142706",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-11094",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-11094",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-765",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142706",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-11094",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. The vulnerability stems from the failure of the network system or product to properly validate the input data",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11094",
        "trust": 2.6
      },
      {
        "db": "JVN",
        "id": "JVNVU92328381",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-142706",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "id": "VAR-201905-1250",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      }
    ],
    "trust": 0.5634760725000001
  },
  "last_update_date": "2023-12-18T10:43:34.779000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00251 - IntelR NUC Advisory",
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
      },
      {
        "title": "INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html"
      },
      {
        "title": "INTEL-SA-00244 - IntelR QuartusR Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html"
      },
      {
        "title": "INTEL-SA-00245 - Intel UniteR Client for Android* Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html"
      },
      {
        "title": "INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html"
      },
      {
        "title": "INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html"
      },
      {
        "title": "INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
      },
      {
        "title": "INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html"
      },
      {
        "title": "INTEL-SA-00252 - IntelR Driver \u0026 Support Assistant Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html"
      },
      {
        "title": "INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html"
      },
      {
        "title": "INTEL-SA-00228 - Intel UniteR Client Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html"
      },
      {
        "title": "INTEL-SA-00233 - Microarchitectural Data Sampling Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/intel-patches-high-severity-flaw-in-processor-diagnostic-tool/146352/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/intel-fixes-critical-high-severity-flaws-across-several-products/144940/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11094"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92328381/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://mdsattacks.com/files/ridl.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://mdsattacks.com/files/fallout.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://zombieloadattack.com/"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11094"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92328381/"
      },
      {
        "trust": 0.8,
        "url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/intel-patches-high-severity-flaw-in-processor-diagnostic-tool/146352/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "date": "2019-05-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "date": "2019-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "date": "2019-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "date": "2019-05-17T16:29:03.187000",
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "date": "2019-05-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142706"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11094"
      },
      {
        "date": "2019-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      },
      {
        "date": "2019-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004711"
      },
      {
        "date": "2019-05-21T14:35:10.550000",
        "db": "NVD",
        "id": "CVE-2019-11094"
      },
      {
        "date": "2019-05-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003441"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-765"
      }
    ],
    "trust": 0.6
  }
}

cve-2019-11094

Vulnerability from fkie_nvd

Published

2019-05-17 16:29

Modified

2024-11-21 04:20

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html	Not Applicable
	af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html	Not Applicable

Impacted products

Vendor	Product	Version
intel	nuc_kit_firmware	-
intel	nuc_kit_d33217gke	-
intel	nuc_kit_d53427rke	-
intel	nuc_kit_d54250wyb	-
intel	nuc_kit_de3815tybe	-
intel	nuc_kit_dn2820fykh	-
intel	nuc_kit_nuc5cpyh	-
intel	nuc_kit_nuc5i3myhe	-
intel	nuc_kit_nuc5i5myhe	-
intel	nuc_kit_nuc5i7ryh	-
intel	nuc_kit_nuc5pgyh	-
intel	nuc_kit_nuc6cays	-
intel	nuc_kit_nuc6i5syh	-
intel	nuc_kit_nuc6i7kyk	-
intel	nuc_kit_nuc7cjyh	-
intel	nuc_kit_nuc7i3dnhe	-
intel	nuc_kit_nuc7i5dnke	-
intel	nuc_kit_nuc7i7bnh	-
intel	nuc_kit_nuc7i7dnke	-
intel	nuc_kit_nuc8i7hnk	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "La validaci\u00f3n de entrada insuficiente en el firmware del sistema para Intel (R) NUC Kit puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios, la denegaci\u00f3n de servicio y/o la divulgaci\u00f3n de informaci\u00f3n mediante un acceso local."
    }
  ],
  "id": "CVE-2019-11094",
  "lastModified": "2024-11-21T04:20:31.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-17T16:29:03.187",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-25h5-m4r3-86jm

Vulnerability from github

Published

2022-05-24 16:46

Modified

2024-04-04 00:42

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11094"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-17T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.",
  "id": "GHSA-25h5-m4r3-86jm",
  "modified": "2024-04-04T00:42:13Z",
  "published": "2022-05-24T16:46:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11094"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2019-11094

Vulnerability from cvelistv5

gsd-2019-11094

Vulnerability from gsd

var-201905-1250

Vulnerability from variot

cve-2019-11094

Vulnerability from fkie_nvd

ghsa-25h5-m4r3-86jm

Vulnerability from github

Tags

Sightings

Nomenclature