MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2019-11140

CVSS 6.7v3.0pub. 2019-08-19upd. 2024-11-21

Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Intel Compute Card Cd1iv128mk

    HW
    Intel
    wszystkie wersje
  • Intel Compute Card Firmware

    OS
    Intel
    wszystkie wersje
  • Intel Compute Stick Firmware

    OS
    Intel
    wszystkie wersje
  • Intel Compute Stick Stk2mv64cc

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Firmware

    OS
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc7i3dnx

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc7i5dnx

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc7i7dnx

    HW
    Intel
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2023-32617HIGH8.2ten sam produkt

Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS ...

CVE-2022-32766HIGH7.2ten sam produkt

Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable es...

CVE-2019-11094HIGH7.8ten sam produkt

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to pote...

CVE-2018-12176HIGH8.2ten sam produkt

Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute ar...

CVE-2023-25771MEDIUM5.8ten sam produkt

Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable ...