Vulnerability Description
Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Nuc 8 Mainstream Game Kit Firmware | < 0036 |
| Intel | Nuc 8 Mainstream Game Kit | - |
| Intel | Nuc 8 Mainstream Game Mini Computer Firmware | < 0036 |
| Intel | Nuc 8 Mainstream Game Mini Computer | - |
| Intel | Nuc8I7Bek Firmware | < 0077 |
| Intel | Nuc8I7Bek | - |
| Intel | Cd1P64Gk Firmware | < 0053 |
| Intel | Cd1P64Gk | - |
| Intel | Nuc8I3Cysm Firmware | < 0043 |
| Intel | Nuc8I3Cysm | - |
| Intel | Nuc8I7Hnk Firmware | < 0059 |
| Intel | Nuc8I7Hnk | - |
| Intel | Nuc7I7Dnke Firmware | < 0067 |
| Intel | Nuc7I7Dnke | - |
| Intel | Nuc7I5Dnke Firmware | < 0067 |
| Intel | Nuc7I5Dnke | - |
| Intel | Nuc7I3Dnhe Firmware | < 0067 |
| Intel | Nuc7I3Dnhe | - |
| Intel | Stk2Mv64Cc Firmware | < 0061 |
| Intel | Stk2Mv64Cc | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.PatchVendor Advisory
FAQ
What is CVE-2019-14608?
CVE-2019-14608 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.
How severe is CVE-2019-14608?
CVE-2019-14608 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14608?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc 8 Mainstream Game Kit Firmware, Intel Nuc 8 Mainstream Game Kit, Intel Nuc 8 Mainstream Game Mini Computer Firmware, Intel Nuc 8 Mainstream Game Mini Computer, Intel Nuc8I7Bek Firmware.