Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-11129 (GCVE-0-2019-11129)
Vulnerability from cvelistv5 – Published: 2019-06-13 15:36 – Updated: 2024-08-04 22:48
VLAI?
EPSS
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
Severity ?
No CVSS data available.
CWE
- escalation of privilege, denial of service and/or information disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Firmware |
Affected:
Please see reference document.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:08.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"name": "108766",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108766"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUC Firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Please see reference document."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege, denial of service and/or information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T22:17:03.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"name": "108766",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108766"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC Firmware",
"version": {
"version_data": [
{
"version_value": "Please see reference document."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege, denial of service and/or information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"name": "108766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108766"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2019-11129",
"datePublished": "2019-06-13T15:36:25.000Z",
"dateReserved": "2019-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:48:08.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-11129",
"date": "2026-04-18",
"epss": "0.00068",
"percentile": "0.20822"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-11129\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-06-13T16:29:01.577\",\"lastModified\":\"2024-11-21T04:20:35.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"el software lectura/escritura Fuera del l\u00edmite en system firmware para InteI NUC Kit puede permitir a un usuario privilegiado habilitar potencialmente un amento de privilegios de denegaci\u00f3n de servicio y / o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71AA56A6-EB26-4A62-83EC-6961BC24D4DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88D13413-C312-450A-90D5-48BEB1A9036E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C02113-34E3-4C07-93D3-4AA22E9217DF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E48A01-63CF-4C0F-836B-2BB06A28094F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ED26383-FE24-4730-9593-1B87B51AA651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"633D585D-B1A7-4DEF-AC47-F513088F94FE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D3091A-D8C4-40AD-958C-C1CDB7C250EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C44293-9E69-4E3E-A59B-27138066B105\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B548392-6051-44CA-B8A8-DB3886CE7FBF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"511FE5B3-5AE5-4428-BA4A-5B45941D9B62\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC61C3BA-8456-4851-A1F0-E1D6A47F938E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E96F930E-F0E1-4611-B205-E0169ECD9491\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2B59679-B316-46FC-9426-72A8D95B0DE7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8728A26-E1A4-4215-8FFE-3638782DA739\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6637B704-3905-4F6A-A2CF-DB18E2A776C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"548B342B-0E6C-4E74-BF67-450D0E84BA9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BBFF3B1-237E-4E0D-8B94-E9F2215851E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD5262A4-2C3B-4801-870B-3F4D431DEC46\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F5E5C2-F307-45CF-ABAF-89164FF2746B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5CDAC90-836E-45B3-BFA3-32268E54064A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B8FE994-6637-4109-A050-C98A0A1BEFEA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09834DD2-6FD4-4A70-AAAF-EF1814DF0732\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93745511-0B33-4F55-9021-318B751087A7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23E8A97-3460-4C6F-BA5C-0188DF367AB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D44CAA8-EAA5-4997-8C43-169D96776D0F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D86F9BA9-430F-4081-925F-0F59E1ADF1D3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88A2B949-34AB-4C5D-84C0-CC502A887208\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F811493-1AB4-47BC-B942-2E93A7349843\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F05A36D1-E417-4904-9DBB-C5828F6521B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFEA643F-FE21-45B0-AC74-D87D7D864D10\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1FA6131-F3C8-4B98-B4E8-C320C262F750\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E3D93D1-5772-4806-9428-9AB26B32D210\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202B4308-A49D-487D-A04D-FE34235F61C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E453448C-AA11-48E3-8423-60E62A10D0CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17AA0B4A-67AF-466E-BCA6-A8654CA99406\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4E8B2EE-302C-4019-A20E-025AAB7E8C9E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9A90BE5-6136-43A9-BC91-9474D3D0EEF6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B0C9D80-37A3-43E5-B818-55532F613436\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/108766\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
BDU:2019-02170
Vulnerability from fstec - Published: 11.06.2019
VLAI Severity ?
Title
Уязвимость встроенного программного обеспечения Intel NUC Kit, связанная с чтением за границами буфера в памяти, позволяющая нарушителю получить доступ к защищаемой информации, вызвать отказ в обслуживании или повысить свои привилегии
Description
Уязвимость встроенного программного обеспечения Intel NUC Kit вызвана чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю получить доступ к защищаемой информации, вызвать отказ в обслуживании или повысить свои привилегии
Severity ?
Vendor
Intel Corp.
Software Name
Intel NUC Kit NUC8i7HNK, Intel NUC Kit NUC8i7HVK, Intel NUC Kit NUC8i3BEx, Intel NUC Kit NUC8i5BEx, Intel NUC Kit NUC8i7BEx, Intel Compute Card CD1C64GK, Intel Compute Card CD1P64GK, Intel NUC Kit NUC8i3CYx, Intel NUC Kit NUC7i3DNx, Intel NUC Kit NUC7i5DNx, Intel NUC Kit NUC7i7DNx, Intel Compute Stick STK2M3W64CC, Intel Compute Stick STK2M364CC, Intel Compute Stick STK2MV64CC, Intel NUC Kit NUC6i7KYk, Intel NUC Kit NUC7PJY, Intel NUC Kit NUC7CJY, Intel NUC KitNUC6CAYx, Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT20H.86A), Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT10H.86A), Intel NUC Kit NUC5CPYH, Intel NUC Kit NUC5PGYH, Intel NUC Kit NUC5PPYH, Intel NUC Kit NUC5i3RYx, Intel NUC Kit NUC5i5RYx, Intel NUC Kit NUC5i7RYx, Intel NUC Kit D34010WYx, Intel NUC Kit D54250WYx, Intel NUC Kit NUC6i3SYx, Intel NUC Kit NUC6i5SYx, Intel NUC Kit NUC7i3BNx, Intel NUC Kit NUC7i5BNx, Intel NUC Kit NUC7i7BNx, Intel Compute Card CD1IV128MK, Intel Compute Card CD1M3128MK, Intel Compute Stick STCK1A8LFC, Intel Compute Stick STCK1A32WFC, Intel NUC Kit DN2820FYKH, Intel NUC Kit NUC5i5MYx, Intel NUC Kit NUC5i3MYx
Software Version
до 0054 (Intel NUC Kit NUC8i7HNK), до 0054 (Intel NUC Kit NUC8i7HVK), до 0071 (Intel NUC Kit NUC8i3BEx), до 0071 (Intel NUC Kit NUC8i5BEx), до 0071 (Intel NUC Kit NUC8i7BEx), до 0050 (Intel Compute Card CD1C64GK), до 0050 (Intel Compute Card CD1P64GK), до 0040 (Intel NUC Kit NUC8i3CYx), до 0063 (Intel NUC Kit NUC7i3DNx), до 0063 (Intel NUC Kit NUC7i5DNx), до 0063 (Intel NUC Kit NUC7i7DNx), до 0060 (Intel Compute Stick STK2M3W64CC), до 0060 (Intel Compute Stick STK2M364CC), до 0060 (Intel Compute Stick STK2MV64CC), до 0062 (Intel NUC Kit NUC6i7KYk), до 0049 (Intel NUC Kit NUC7PJY), до 0049 (Intel NUC Kit NUC7CJY), до 0060 (Intel NUC KitNUC6CAYx), до 0020 (Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT20H.86A)), до 0065 (Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT10H.86A)), до 0076 (Intel NUC Kit NUC5CPYH), до 0076 (Intel NUC Kit NUC5PGYH), до 0076 (Intel NUC Kit NUC5PPYH), до 0379 (Intel NUC Kit NUC5i3RYx), до 0379 (Intel NUC Kit NUC5i5RYx), до 0379 (Intel NUC Kit NUC5i7RYx), до 0051 (Intel NUC Kit D34010WYx), до 0051 (Intel NUC Kit D54250WYx), до 0070 (Intel NUC Kit NUC6i3SYx), до 0070 (Intel NUC Kit NUC6i5SYx), до 0079 (Intel NUC Kit NUC7i3BNx), до 0079 (Intel NUC Kit NUC7i5BNx), до 0079 (Intel NUC Kit NUC7i7BNx), до 0036 (Intel Compute Card CD1IV128MK), до 0056 (Intel Compute Card CD1M3128MK), до 0039 (Intel Compute Stick STCK1A8LFC), до 0039 (Intel Compute Stick STCK1A32WFC), до 0067 (Intel NUC Kit DN2820FYKH), до 0051 (Intel NUC Kit NUC5i5MYx), до 0054 (Intel NUC Kit NUC5i3MYx)
Possible Mitigations
Использование рекомендаций:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Reference
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html
https://vuldb.com/?id.136468
CWE
CWE-125
{
"CVSS 2.0": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Intel Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 0054 (Intel NUC Kit NUC8i7HNK), \u0434\u043e 0054 (Intel NUC Kit NUC8i7HVK), \u0434\u043e 0071 (Intel NUC Kit NUC8i3BEx), \u0434\u043e 0071 (Intel NUC Kit NUC8i5BEx), \u0434\u043e 0071 (Intel NUC Kit NUC8i7BEx), \u0434\u043e 0050 (Intel Compute Card CD1C64GK), \u0434\u043e 0050 (Intel Compute Card CD1P64GK), \u0434\u043e 0040 (Intel NUC Kit NUC8i3CYx), \u0434\u043e 0063 (Intel NUC Kit NUC7i3DNx), \u0434\u043e 0063 (Intel NUC Kit NUC7i5DNx), \u0434\u043e 0063 (Intel NUC Kit NUC7i7DNx), \u0434\u043e 0060 (Intel Compute Stick STK2M3W64CC), \u0434\u043e 0060 (Intel Compute Stick STK2M364CC), \u0434\u043e 0060 (Intel Compute Stick STK2MV64CC), \u0434\u043e 0062 (Intel NUC Kit NUC6i7KYk), \u0434\u043e 0049 (Intel NUC Kit NUC7PJY), \u0434\u043e 0049 (Intel NUC Kit NUC7CJY), \u0434\u043e 0060 (Intel NUC KitNUC6CAYx), \u0434\u043e 0020 (Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT20H.86A)), \u0434\u043e 0065 (Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT10H.86A)), \u0434\u043e 0076 (Intel NUC Kit NUC5CPYH), \u0434\u043e 0076 (Intel NUC Kit NUC5PGYH), \u0434\u043e 0076 (Intel NUC Kit NUC5PPYH), \u0434\u043e 0379 (Intel NUC Kit NUC5i3RYx), \u0434\u043e 0379 (Intel NUC Kit NUC5i5RYx), \u0434\u043e 0379 (Intel NUC Kit NUC5i7RYx), \u0434\u043e 0051 (Intel NUC Kit D34010WYx), \u0434\u043e 0051 (Intel NUC Kit D54250WYx), \u0434\u043e 0070 (Intel NUC Kit NUC6i3SYx), \u0434\u043e 0070 (Intel NUC Kit NUC6i5SYx), \u0434\u043e 0079 (Intel NUC Kit NUC7i3BNx), \u0434\u043e 0079 (Intel NUC Kit NUC7i5BNx), \u0434\u043e 0079 (Intel NUC Kit NUC7i7BNx), \u0434\u043e 0036 (Intel Compute Card CD1IV128MK), \u0434\u043e 0056 (Intel Compute Card CD1M3128MK), \u0434\u043e 0039 (Intel Compute Stick STCK1A8LFC), \u0434\u043e 0039 (Intel Compute Stick STCK1A32WFC), \u0434\u043e 0067 (Intel NUC Kit DN2820FYKH), \u0434\u043e 0051 (Intel NUC Kit NUC5i5MYx), \u0434\u043e 0054 (Intel NUC Kit NUC5i3MYx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.06.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.06.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-02170",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-11129",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Intel NUC Kit NUC8i7HNK, Intel NUC Kit NUC8i7HVK, Intel NUC Kit NUC8i3BEx, Intel NUC Kit NUC8i5BEx, Intel NUC Kit NUC8i7BEx, Intel Compute Card CD1C64GK, Intel Compute Card CD1P64GK, Intel NUC Kit NUC8i3CYx, Intel NUC Kit NUC7i3DNx, Intel NUC Kit NUC7i5DNx, Intel NUC Kit NUC7i7DNx, Intel Compute Stick STK2M3W64CC, Intel Compute Stick STK2M364CC, Intel Compute Stick STK2MV64CC, Intel NUC Kit NUC6i7KYk, Intel NUC Kit NUC7PJY, Intel NUC Kit NUC7CJY, Intel NUC KitNUC6CAYx, Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT20H.86A), Intel NUC Kit DE3815TYB (BIOS ID CODE TYBYT10H.86A), Intel NUC Kit NUC5CPYH, Intel NUC Kit NUC5PGYH, Intel NUC Kit NUC5PPYH, Intel NUC Kit NUC5i3RYx, Intel NUC Kit NUC5i5RYx, Intel NUC Kit NUC5i7RYx, Intel NUC Kit D34010WYx, Intel NUC Kit D54250WYx, Intel NUC Kit NUC6i3SYx, Intel NUC Kit NUC6i5SYx, Intel NUC Kit NUC7i3BNx, Intel NUC Kit NUC7i5BNx, Intel NUC Kit NUC7i7BNx, Intel Compute Card CD1IV128MK, Intel Compute Card CD1M3128MK, Intel Compute Stick STCK1A8LFC, Intel Compute Stick STCK1A32WFC, Intel NUC Kit DN2820FYKH, Intel NUC Kit NUC5i5MYx, Intel NUC Kit NUC5i3MYx",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Intel NUC Kit, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Intel NUC Kit \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0443\u043a\u0430\u0437\u0430\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 BIOS",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html\nhttps://vuldb.com/?id.136468",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)"
}
VAR-201906-1236
Vulnerability from variot - Updated: 2024-11-23 20:02Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Multiple Intel NUC Kits are prone to multiple unspecified security vulnerabilities. Attackers can leverage these issues to gain elevated privileges, cause denial-of-service conditions or obtain sensitive information. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-1236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "compute card",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "compute stick",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "accelerated storage manager",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "chipset device software",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "compute card",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "compute stick",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i3",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core x-series",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "omni-path fabric manager gui",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor 2000 series"
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor 3000 series"
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor g series"
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "raid web console v3",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "for windows"
},
{
"model": "sgx dcap linux driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "sgx linux client driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "turbo boost max technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v3 family"
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v5 family"
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v7 family"
},
{
"model": "ite tech* consumer infrared driver",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "for windows 10"
},
{
"model": "open cloud integrity technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "openattestation",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kitnuc6cayx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i7hvk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i7hnk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i7bex bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i5bex bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i3cyx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc8i3bex bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7pjy bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i7dnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i7bnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i5dnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i5bnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i3dnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7i3bnx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc7cjy bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc6i7kyk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc6i5syx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc6i3syx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5ppyh bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5pgyh bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5i7ryx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5i5ryx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5i5myx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5i3ryx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5i3myx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit nuc5cpyh bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit dn2820fykh bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit de3815tyb bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit d54250wyx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kit d34010wyx bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute stick stk2mv64cc bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute stick stk2m3w64cc bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute stick stk2m364cc bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute stick stck1a8lfc bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute stick stck1a32wfc bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute card cd1p64gk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute card cd1m3128mk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute card cd1iv128mk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "compute card cd1c64gk bios",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "nuc kitnuc6cayx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0060"
},
{
"model": "nuc kit nuc8i7hvk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0054"
},
{
"model": "nuc kit nuc8i7hnk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0054"
},
{
"model": "nuc kit nuc8i7bex bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0071"
},
{
"model": "nuc kit nuc8i5bex bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0071"
},
{
"model": "nuc kit nuc8i3cyx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0040"
},
{
"model": "nuc kit nuc8i3bex bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0071"
},
{
"model": "nuc kit nuc7pjy bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0049"
},
{
"model": "nuc kit nuc7i7dnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0063"
},
{
"model": "nuc kit nuc7i7bnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0079"
},
{
"model": "nuc kit nuc7i5dnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0063"
},
{
"model": "nuc kit nuc7i5bnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0079"
},
{
"model": "nuc kit nuc7i3dnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0063"
},
{
"model": "nuc kit nuc7i3bnx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0079"
},
{
"model": "nuc kit nuc7cjy bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0049"
},
{
"model": "nuc kit nuc6i7kyk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0062"
},
{
"model": "nuc kit nuc6i5syx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0070"
},
{
"model": "nuc kit nuc6i3syx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0070"
},
{
"model": "nuc kit nuc5ppyh bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0076"
},
{
"model": "nuc kit nuc5pgyh bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0076"
},
{
"model": "nuc kit nuc5i7ryx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0379"
},
{
"model": "nuc kit nuc5i5ryx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0379"
},
{
"model": "nuc kit nuc5i5myx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0051"
},
{
"model": "nuc kit nuc5i3ryx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0379"
},
{
"model": "nuc kit nuc5i3myx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0054"
},
{
"model": "nuc kit nuc5cpyh bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0076"
},
{
"model": "nuc kit dn2820fykh bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0067"
},
{
"model": "nuc kit de3815tyb bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0065"
},
{
"model": "nuc kit de3815tyb bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0020"
},
{
"model": "nuc kit d54250wyx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0051"
},
{
"model": "nuc kit d34010wyx bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0051"
},
{
"model": "compute stick stk2mv64cc bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0060"
},
{
"model": "compute stick stk2m3w64cc bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0060"
},
{
"model": "compute stick stk2m364cc bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0060"
},
{
"model": "compute stick stck1a8lfc bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0039"
},
{
"model": "compute stick stck1a32wfc bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0039"
},
{
"model": "compute card cd1p64gk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0050"
},
{
"model": "compute card cd1m3128mk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0056"
},
{
"model": "compute card cd1iv128mk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0036"
},
{
"model": "compute card cd1c64gk bios",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0050"
}
],
"sources": [
{
"db": "BID",
"id": "108766"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:intel:accelerated_storage_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:chipset_device_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:compute_card_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:compute_stick_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:core_i5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:core_x-series",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:nuc_kit_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:omni-path_fabric_manager_gui",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:pentium",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:intel:raid_web_console_3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:sgx_dcap_linux_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:sgx_linux_client_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:turbo_boost_max_technology",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:xeon",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:ite_tech_consumer_infrared_driver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:open_cloud_integrity_technology",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:intel:openattestation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "and Malyutin Maksim.,Alexander Ermolov ,Ruslan Zakirov",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
}
],
"trust": 0.6
},
"cve": "CVE-2019-11129",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11129",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142744",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-11129",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11129",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-554",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142744",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-11129",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Multiple Intel NUC Kits are prone to multiple unspecified security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges, cause denial-of-service conditions or obtain sensitive information. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11129"
},
{
"db": "BID",
"id": "108766"
},
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "VULMON",
"id": "CVE-2019-11129"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11129",
"trust": 2.9
},
{
"db": "BID",
"id": "108766",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU95572531",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2099",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142744",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-11129",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"db": "BID",
"id": "108766"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"id": "VAR-201906-1236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-142744"
}
],
"trust": 0.8407131071428573
},
"last_update_date": "2024-11-23T20:02:19.110000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[INTEL-SA-00248] Open Cloud Integrity Technology and OpenAttestation Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00248.html"
},
{
"title": "[INTEL-SA-00257] Intel Omni-Path Fabric Manager GUI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
},
{
"title": "[INTEL-SA-00259] Intel RAID Web Console 3 for Windows* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html"
},
{
"title": "[INTEL-SA-00224] Intel Chipset Device Software (INF Update Utility) Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html"
},
{
"title": "[INTEL-SA-00264] Intel NUC Firmware Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"title": "[INTEL-SA-00226] Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html"
},
{
"title": "[INTEL-SA-00206] ITE Tech* Consumer Infrared Driver for Windows 10 Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00206.html"
},
{
"title": "[INTEL-SA-00232] Intel PROSet/Wireless WiFi Software Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
},
{
"title": "[INTEL-SA-00235] Intel SGX for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00235.html"
},
{
"title": "[INTEL-SA-00243] Intel Turbo Boost Max Technology 3.0 Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html"
},
{
"title": "[INTEL-SA-00247] Partial Physical Address Leakage Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html"
},
{
"title": "Intel NUC Kit Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93787"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/108766"
},
{
"trust": 2.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11129"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0130"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0179"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11123"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0136"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0180"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11124"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0157"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0181"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11125"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0164"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0182"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11126"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11127"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0174"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0183"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11128"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0175"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11092"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11129"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3702"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0177"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11117"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0128"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0178"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11119"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu95572531"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0128"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0178"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11119"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0130"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0179"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11123"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0180"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11124"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0157"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0181"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11125"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0164"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0182"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11126"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0174"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0183"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11127"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0175"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11092"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11128"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3702"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0177"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11117"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2099/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"db": "BID",
"id": "108766"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-142744"
},
{
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"db": "BID",
"id": "108766"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-142744"
},
{
"date": "2019-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108766"
},
{
"date": "2019-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"date": "2019-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"date": "2019-06-13T16:29:01.577000",
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-142744"
},
{
"date": "2019-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11129"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108766"
},
{
"date": "2019-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"date": "2019-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-554"
},
{
"date": "2024-11-21T04:20:35.123000",
"db": "NVD",
"id": "CVE-2019-11129"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108766"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Multiple vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-554"
}
],
"trust": 0.6
}
}
GHSA-WH8H-6W9M-P422
Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2024-04-04 00:57
VLAI?
Details
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2019-11129"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-13T16:29:00Z",
"severity": "MODERATE"
},
"details": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
"id": "GHSA-wh8h-6w9m-p422",
"modified": "2024-04-04T00:57:16Z",
"published": "2022-05-24T16:48:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11129"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108766"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2019-11129
Vulnerability from fkie_nvd - Published: 2019-06-13 16:29 - Updated: 2024-11-21 04:20
Severity ?
Summary
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
"matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
"matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
"matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
"matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
"matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
"matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
"matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
"matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
"matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
"matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
"matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
"matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
"matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
"matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
"matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
"matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
"matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
"matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
"matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
"matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
},
{
"lang": "es",
"value": "el software lectura/escritura Fuera del l\u00edmite en system firmware para InteI NUC Kit puede permitir a un usuario privilegiado habilitar potencialmente un amento de privilegios de denegaci\u00f3n de servicio y / o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
}
],
"id": "CVE-2019-11129",
"lastModified": "2024-11-21T04:20:35.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-13T16:29:01.577",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108766"
},
{
"source": "secure@intel.com",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2019-AVI-271
Vulnerability from certfr_avis - Published: 2019-06-14 - Updated: 2019-06-14
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel Core X-series Processors, 4th Generation Intel Core i5 Processors,4th Generation Intel Core i3 Processors, Intel Pentium Processor G Series, Intel Pentium Processor 3000 Series, Intel Celeron Processor 2000 Series, Intel Xeon Processor E7 v3 Family, Intel Xeon Processor E5 v3 Family et Intel Xeon Processor E3 v3 Family | ||
| Intel | N/A | ITE Tech Consumer Infrared Driver pour Windows 10 versions antérieures à 5.4.3.0 | ||
| Intel | N/A | Intel NUC, vérifier sur le site du constructeur pour les versions vulnérables (cf. section Documentation). | ||
| Intel | N/A | Intel Omni-Path Fabric Manager GUI versions antérieures à 10.9.2.1.1 | ||
| Intel | N/A | Intel Accelerated Storage Manager dans Intel RSTe versions antérieures à 5.5.0.2015 | ||
| Intel | N/A | Intel RAID Web Console 3 pour Windows versions antérieures à 7.009.011.000 | ||
| Intel | N/A | Intel Turbo Boost Max Technology 3.0 microgiciels versions 1.0.0.1035 et antérieures | ||
| Intel | N/A | Intel PROSet/Wireless WiFi Software versions antérieures à 21.10 pour Microsoft Windows 7, 8.1 et 10 | ||
| Intel | N/A | Intel SGX DCAP Linux driver versions antérieures à 1.1 | ||
| Intel | N/A | Intel Chipset Device Software (INF Update Utility) versions antérieures à 10.1.1.45 | ||
| Intel | N/A | Intel SGX Linux client driver versions antérieures à 2.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Core X-series Processors, 4th Generation Intel Core i5 Processors,4th Generation Intel Core i3 Processors, Intel Pentium Processor G Series, Intel Pentium Processor 3000 Series, Intel Celeron Processor 2000 Series, Intel Xeon Processor E7 v3 Family, Intel Xeon Processor E5 v3 Family et Intel Xeon Processor E3 v3 Family",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "ITE Tech Consumer Infrared Driver pour Windows 10 versions ant\u00e9rieures \u00e0 5.4.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC, v\u00e9rifier sur le site du constructeur pour les versions vuln\u00e9rables (cf. section Documentation).",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Omni-Path Fabric Manager GUI versions ant\u00e9rieures \u00e0 10.9.2.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Accelerated Storage Manager dans Intel RSTe versions ant\u00e9rieures \u00e0 5.5.0.2015",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel RAID Web Console 3 pour Windows versions ant\u00e9rieures \u00e0 7.009.011.000",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Turbo Boost Max Technology 3.0 microgiciels versions 1.0.0.1035 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel PROSet/Wireless WiFi Software versions ant\u00e9rieures \u00e0 21.10 pour Microsoft Windows 7, 8.1 et 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SGX DCAP Linux driver versions ant\u00e9rieures \u00e0 1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Chipset Device Software (INF Update Utility) versions ant\u00e9rieures \u00e0 10.1.1.45",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SGX Linux client driver versions ant\u00e9rieures \u00e0 2.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11125",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11125"
},
{
"name": "CVE-2019-0178",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0178"
},
{
"name": "CVE-2019-0174",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0174"
},
{
"name": "CVE-2019-11117",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11117"
},
{
"name": "CVE-2019-0130",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0130"
},
{
"name": "CVE-2019-11124",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11124"
},
{
"name": "CVE-2019-0164",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0164"
},
{
"name": "CVE-2019-0181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0181"
},
{
"name": "CVE-2019-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0179"
},
{
"name": "CVE-2019-0128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0128"
},
{
"name": "CVE-2019-11127",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11127"
},
{
"name": "CVE-2019-11126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11126"
},
{
"name": "CVE-2019-0175",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0175"
},
{
"name": "CVE-2019-0180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0180"
},
{
"name": "CVE-2019-11129",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11129"
},
{
"name": "CVE-2018-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3702"
},
{
"name": "CVE-2019-0177",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0177"
},
{
"name": "CVE-2019-11092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11092"
},
{
"name": "CVE-2019-0136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0136"
},
{
"name": "CVE-2019-0183",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0183"
},
{
"name": "CVE-2019-0182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0182"
},
{
"name": "CVE-2019-0157",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0157"
},
{
"name": "CVE-2019-11119",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11119"
},
{
"name": "CVE-2019-11128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11128"
},
{
"name": "CVE-2019-11123",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11123"
}
],
"initial_release_date": "2019-06-14T00:00:00",
"last_revision_date": "2019-06-14T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-271",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-06-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00259 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00232 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00206 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00206.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00235 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00235.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00243 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00257 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00224 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00226 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00247 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00264 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00248 du 11 juin 2019",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00248.html"
}
]
}
CNVD-2019-42731
Vulnerability from cnvd - Published: 2019-11-21
VLAI Severity ?
Title
Intel NUC Kit缓冲区溢出漏洞(CNVD-2019-42731)
Description
Intel NUC Kit是美国英特尔(Intel)公司的一款小型台式电脑。
Intel NUC Kit中的系统固件存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。
Severity
中
Patch Name
Intel NUC Kit缓冲区溢出漏洞(CNVD-2019-42731)的补丁
Patch Description
Intel NUC Kit是美国英特尔(Intel)公司的一款小型台式电脑。
Intel NUC Kit中的系统固件存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Reference
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
Impacted products
| Name | Intel NUC kits |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-11129",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11129"
}
},
"description": "Intel NUC Kit\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u53f0\u5f0f\u7535\u8111\u3002\n\nIntel NUC Kit\u4e2d\u7684\u7cfb\u7edf\u56fa\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-42731",
"openTime": "2019-11-21",
"patchDescription": "Intel NUC Kit\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u53f0\u5f0f\u7535\u8111\u3002\r\n\r\nIntel NUC Kit\u4e2d\u7684\u7cfb\u7edf\u56fa\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Intel NUC Kit\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-42731\uff09\u7684\u8865\u4e01",
"products": {
"product": "Intel NUC kits"
},
"referenceLink": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"serverity": "\u4e2d",
"submitTime": "2019-06-14",
"title": "Intel NUC Kit\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-42731\uff09"
}
GSD-2019-11129
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11129",
"description": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
"id": "GSD-2019-11129"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-11129"
],
"details": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
"id": "GSD-2019-11129",
"modified": "2023-12-13T01:24:02.463803Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC Firmware",
"version": {
"version_data": [
{
"version_value": "Please see reference document."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege, denial of service and/or information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"name": "108766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108766"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11129"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "108766",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108766"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-06-20T23:15Z",
"publishedDate": "2019-06-13T16:29Z"
}
}
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…