What is CVE-2019-14608?

CVE-2019-14608 is a vulnerability in the firmware for Intel(R) NUC(R) that may allow an authenticated user to potentially enable escalation of privilege via local access.

How severe is CVE-2019-14608?

CVE-2019-14608 has a severity rating of 7.8, which is considered high.

Which software is affected by CVE-2019-14608?

The affected software includes Intel Nuc 8 Mainstream Game Kit Firmware, Intel Nuc 8 Mainstream Game Mini Computer Firmware, Intel Nuc8i7bek Firmware, Intel Cd1p64gk Firmware, Intel Nuc8i3cysm Firmware, Intel Nuc8i7hnk Firmware, Intel Nuc7i7dnke Firmware, Intel Nuc7i5dnke Firmware, Intel Nuc7i3dnhe Firmware, Intel Stk2mv64cc Firmware, Intel Stk2m3w64cc Firmware, Intel Nuc6i7kyk Firmware, Intel Nuc6i5syh Firmware, Intel Nuc7cjyh Firmware, Intel Cd1m3128mk Firmware, Intel Cd1iv128mk Firmware, Intel Nuc6cays Firmware, Intel De3815tybe Firmware, and Intel D34010wyb Firmware.

How can an authenticated user exploit CVE-2019-14608?

An authenticated user can potentially exploit CVE-2019-14608 to enable escalation of privilege through local access.

Where can I find more information about CVE-2019-14608?

You can find more information about CVE-2019-14608 at the following reference: [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html)

Vulnerability/
CVE-2019-14608

high

7.8

CWE

119

16/12/2019

5/8/2024

CVE-2019-14608: Buffer Overflow

First published: Mon Dec 16 2019(Updated: )

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Nuc 8 Mainstream Game Kit Firmware	<0036
Intel Nuc 8 Mainstream Game Kit
Intel Nuc 8 Mainstream Game Mini Computer Firmware	<0036
Intel Nuc 8 Mainstream Game Mini Computer
Intel Nuc8i7bek Firmware	<0077
Intel Nuc8i7bek
Intel Cd1p64gk Firmware	<0053
Intel Cd1p64gk
Intel Nuc8i3cysm Firmware	<0043
Intel Nuc8i3cysm
Intel Nuc8i7hnk Firmware	<0059
Intel Nuc8i7hnk
Intel Nuc7i7dnke Firmware	<0067
Intel Nuc7i7dnke
Intel Nuc7i5dnke Firmware	<0067
Intel Nuc7i5dnke
Intel Nuc7i3dnhe Firmware	<0067
Intel Nuc7i3dnhe
Intel Stk2mv64cc Firmware	<0061
Intel Stk2mv64cc
Intel Stk2m3w64cc Firmware	<0062
Intel Stk2m3w64cc
Intel Nuc6i7kyk Firmware	<0066
Intel Nuc6i7kyk
Intel Nuc6i5syh Firmware	<0072
Intel Nuc6i5syh
Intel Nuc7cjyh Firmware	<0053
Intel Nuc7cjyh
Intel Cd1m3128mk Firmware	<0058
Intel Cd1m3128mk
Intel Cd1iv128mk Firmware	<0038
Intel Cd1iv128mk
Intel Nuc6cays Firmware	<0064
Intel Nuc6cays
Intel De3815tybe Firmware	<0024
Intel De3815tybe
Intel D34010wyb Firmware	<0054
Intel D34010wyb

Remedy

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

Never miss a vulnerability like this again

Reference Links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

Frequently Asked Questions

What is CVE-2019-14608?
CVE-2019-14608 is a vulnerability in the firmware for Intel(R) NUC(R) that may allow an authenticated user to potentially enable escalation of privilege via local access.
How severe is CVE-2019-14608?
CVE-2019-14608 has a severity rating of 7.8, which is considered high.
Which software is affected by CVE-2019-14608?
The affected software includes Intel Nuc 8 Mainstream Game Kit Firmware, Intel Nuc 8 Mainstream Game Mini Computer Firmware, Intel Nuc8i7bek Firmware, Intel Cd1p64gk Firmware, Intel Nuc8i3cysm Firmware, Intel Nuc8i7hnk Firmware, Intel Nuc7i7dnke Firmware, Intel Nuc7i5dnke Firmware, Intel Nuc7i3dnhe Firmware, Intel Stk2mv64cc Firmware, Intel Stk2m3w64cc Firmware, Intel Nuc6i7kyk Firmware, Intel Nuc6i5syh Firmware, Intel Nuc7cjyh Firmware, Intel Cd1m3128mk Firmware, Intel Cd1iv128mk Firmware, Intel Nuc6cays Firmware, Intel De3815tybe Firmware, and Intel D34010wyb Firmware.
How can an authenticated user exploit CVE-2019-14608?
An authenticated user can potentially exploit CVE-2019-14608 to enable escalation of privilege through local access.
Where can I find more information about CVE-2019-14608?
You can find more information about CVE-2019-14608 at the following reference: [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html)

collector/nvd-index
agent/severity
agent/weakness
agent/references
agent/author
agent/event
agent/tags
agent/type
agent/description
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/intel
canonical/intel nuc 8 mainstream game kit firmware
canonical/intel nuc 8 mainstream game kit
canonical/intel nuc 8 mainstream game mini computer firmware
canonical/intel nuc 8 mainstream game mini computer
canonical/intel nuc8i7bek firmware
canonical/intel nuc8i7bek
canonical/intel cd1p64gk firmware
canonical/intel cd1p64gk
canonical/intel nuc8i3cysm firmware
canonical/intel nuc8i3cysm
canonical/intel nuc8i7hnk firmware
canonical/intel nuc8i7hnk
canonical/intel nuc7i7dnke firmware
canonical/intel nuc7i7dnke
canonical/intel nuc7i5dnke firmware
canonical/intel nuc7i5dnke
canonical/intel nuc7i3dnhe firmware
canonical/intel nuc7i3dnhe
canonical/intel stk2mv64cc firmware
canonical/intel stk2mv64cc
canonical/intel stk2m3w64cc firmware
canonical/intel stk2m3w64cc
canonical/intel nuc6i7kyk firmware
canonical/intel nuc6i7kyk
canonical/intel nuc6i5syh firmware
canonical/intel nuc6i5syh
canonical/intel nuc7cjyh firmware
canonical/intel nuc7cjyh
canonical/intel cd1m3128mk firmware
canonical/intel cd1m3128mk
canonical/intel cd1iv128mk firmware
canonical/intel cd1iv128mk
canonical/intel nuc6cays firmware
canonical/intel nuc6cays
canonical/intel de3815tybe firmware
canonical/intel de3815tybe
canonical/intel d34010wyb firmware
canonical/intel d34010wyb