high
7.8
CWE
119
Advisory Published
Updated

CVE-2019-14608: Buffer Overflow

First published: Mon Dec 16 2019(Updated: )

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Credit: secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel NUC 8 Mainstream Game Kit Firmware<0036
Intel NUC 8 Mainstream-G Kit
Intel NUC 8 Mainstream-G<0036
Intel NUC 8 Mainstream-G Mini PC
Intel NUC 8i7BEKQA Firmware<0077
Intel NUC 8 i7 BEK
Intel CD1P64GK<0053
Intel CD1P64GK Firmware
Intel NUC 8 Home NUC8i3Cysm Firmware<0043
Intel NUC 8 Home PC NUC8i3Cysm
Intel NUC 8i7 HNK<0059
Intel NUC 8i7 HNK
Intel NUC7i7DNKE Firmware<0067
Intel NUC NUC7i7DNKE
Intel NUC7i5DNKE Firmware<0067
Intel NUC7i5DNKE Firmware
Intel NUC 7i7DNHE<0067
Intel NUC Kit NUC7i3DNHE
Intel Compute Element STK2MV64CC Firmware<0061
Intel Compute Stick STK2MV64CC
Intel Compute Stick STK2M3W64CC Firmware<0062
Intel Compute Stick STK2M3W64CC Firmware
Intel NUC 6i7KYK BIOS<0066
Intel NUC6i7KYK Firmware
Intel NUC Kit NUC6i5SYH Firmware<0072
Intel NUC Kit NUC6i5SYH Firmware
Intel NUC 7 CJYH Firmware<0053
Intel NUC kit NUC7CJYH
Intel CD1M3128MK Firmware<0058
Intel Compute Card CD1M3128MK
Intel CD1IV128MK Firmware<0038
Intel Compute Card CD1IV128MK
Intel NUC6CAYS Firmware<0064
Intel NUC6CAYS Firmware
Intel NUC Board DE3815TYBE<0024
Intel NUC Board DE3815TYBE
Intel D34010WYB Firmware<0054
Intel D34010WYB Firmware

Remedy

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-14608?

    CVE-2019-14608 is a vulnerability in the firmware for Intel(R) NUC(R) that may allow an authenticated user to potentially enable escalation of privilege via local access.

  • How severe is CVE-2019-14608?

    CVE-2019-14608 has a severity rating of 7.8, which is considered high.

  • Which software is affected by CVE-2019-14608?

    The affected software includes Intel Nuc 8 Mainstream Game Kit Firmware, Intel Nuc 8 Mainstream Game Mini Computer Firmware, Intel Nuc8i7bek Firmware, Intel Cd1p64gk Firmware, Intel Nuc8i3cysm Firmware, Intel Nuc8i7hnk Firmware, Intel Nuc7i7dnke Firmware, Intel Nuc7i5dnke Firmware, Intel Nuc7i3dnhe Firmware, Intel Stk2mv64cc Firmware, Intel Stk2m3w64cc Firmware, Intel Nuc6i7kyk Firmware, Intel Nuc6i5syh Firmware, Intel Nuc7cjyh Firmware, Intel Cd1m3128mk Firmware, Intel Cd1iv128mk Firmware, Intel Nuc6cays Firmware, Intel De3815tybe Firmware, and Intel D34010wyb Firmware.

  • How can an authenticated user exploit CVE-2019-14608?

    An authenticated user can potentially exploit CVE-2019-14608 to enable escalation of privilege through local access.

  • Where can I find more information about CVE-2019-14608?

    You can find more information about CVE-2019-14608 at the following reference: [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203