Vulnerability Description
Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Nuc 8 Mainstream Game Kit Firmware | < 0036 |
| Intel | Nuc 8 Mainstream Game Kit | - |
| Intel | Nuc 8 Mainstream Game Mini Computer Firmware | < 0036 |
| Intel | Nuc 8 Mainstream Game Mini Computer | - |
| Intel | Nuc8I7Bek Firmware | < 0077 |
| Intel | Nuc8I7Bek | - |
| Intel | Cd1P64Gk Firmware | < 0053 |
| Intel | Cd1P64Gk | - |
| Intel | Nuc8I3Cysm Firmware | < 0043 |
| Intel | Nuc8I3Cysm | - |
| Intel | Nuc8I7Hnk Firmware | < 0059 |
| Intel | Nuc8I7Hnk | - |
| Intel | Nuc7I7Dnke Firmware | < 0067 |
| Intel | Nuc7I7Dnke | - |
| Intel | Nuc7I5Dnke Firmware | < 0067 |
| Intel | Nuc7I5Dnke | - |
| Intel | Nuc7I3Dnhe Firmware | < 0067 |
| Intel | Nuc7I3Dnhe | - |
| Intel | Stk2Mv64Cc Firmware | < 0061 |
| Intel | Stk2Mv64Cc | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.PatchVendor Advisory
FAQ
What is CVE-2019-14609?
CVE-2019-14609 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.
How severe is CVE-2019-14609?
CVE-2019-14609 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14609?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc 8 Mainstream Game Kit Firmware, Intel Nuc 8 Mainstream Game Kit, Intel Nuc 8 Mainstream Game Mini Computer Firmware, Intel Nuc 8 Mainstream Game Mini Computer, Intel Nuc8I7Bek Firmware.