CVE-2019-0185 — MEDIUM (5.5)

Vulnerability Description

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Intel	Core I7-6970Hq Firmware	-
Intel	Core I7-6970Hq	-
Intel	Core I7-6920Hq Firmware	-
Intel	Core I7-6920Hq	-
Intel	Core I7-6870Hq Firmware	-
Intel	Core I7-6870Hq	-
Intel	Core I7-6822Eq Firmware	-
Intel	Core I7-6822Eq	-
Intel	Core I7-6820Hq Firmware	-
Intel	Core I7-6820Hq	-
Intel	Core I7-6820Hk Firmware	-
Intel	Core I7-6820Hk	-
Intel	Core I7-6820Eq Firmware	-
Intel	Core I7-6820Eq	-
Intel	Core I7-6785R Firmware	-
Intel	Core I7-6785R	-
Intel	Core I7-6700K Firmware	-
Intel	Core I7-6700K	-
Intel	Core I7-6700T Firmware	-
Intel	Core I7-6700T	-

References

FAQ

What is CVE-2019-0185?

CVE-2019-0185 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Inte...

How severe is CVE-2019-0185?

CVE-2019-0185 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-0185?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Core I7-6970Hq Firmware, Intel Core I7-6970Hq, Intel Core I7-6920Hq Firmware, Intel Core I7-6920Hq, Intel Core I7-6870Hq Firmware.