CVE-2019-0119 — MEDIUM (6.7)

Vulnerability Description

Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

CVSS Score

6.7

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Xeon D-1649N Firmware	-
Intel	Xeon D-1649N	-
Intel	Xeon D-1633N Firmware	-
Intel	Xeon D-1633N	-
Intel	Xeon D-1637 Firmware	-
Intel	Xeon D-1637	-
Intel	Xeon D-1627 Firmware	-
Intel	Xeon D-1627	-
Intel	Xeon D-1623N Firmware	-
Intel	Xeon D-1623N	-
Intel	Xeon D-1622 Firmware	-
Intel	Xeon D-1622	-
Intel	Xeon D-1653N Firmware	-
Intel	Xeon D-1653N	-
Intel	Xeon D-1602 Firmware	-
Intel	Xeon D-1602	-
Intel	Xeon D-2141I Firmware	-
Intel	Xeon D-2141I	-
Intel	Xeon D-2177Nt Firmware	-
Intel	Xeon D-2177Nt	-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2019-0119?

CVE-2019-0119 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module...

How severe is CVE-2019-0119?

CVE-2019-0119 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-0119?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Xeon D-1649N Firmware, Intel Xeon D-1649N, Intel Xeon D-1633N Firmware, Intel Xeon D-1633N, Intel Xeon D-1637 Firmware.