medium
6.7
CWE
190
Advisory Published
Updated

CVE-2019-14611: Integer Overflow

First published: Mon Dec 16 2019(Updated: )

Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.

Credit: secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel NUC 8 Mainstream Game Kit Firmware<0036
Intel NUC 8 Mainstream-G Kit
Intel NUC 8 Mainstream-G<0036
Intel NUC 8 Mainstream-G Mini PC
Intel NUC 8i7BEKQA Firmware<0077
Intel NUC 8 i7 BEK
Intel CD1P64GK<0053
Intel CD1P64GK Firmware
Intel NUC 8 Home NUC8i3Cysm Firmware<0043
Intel NUC 8 Home PC NUC8i3Cysm
Intel NUC 8i7 HNK<0059
Intel NUC 8i7 HNK
Intel NUC7i7DNKE Firmware<0067
Intel NUC NUC7i7DNKE
Intel NUC7i5DNKE Firmware<0067
Intel NUC7i5DNKE Firmware
Intel NUC 7i7DNHE<0067
Intel NUC Kit NUC7i3DNHE
Intel Compute Element STK2MV64CC Firmware<0061
Intel Compute Stick STK2MV64CC
Intel Compute Stick STK2M3W64CC Firmware<0062
Intel Compute Stick STK2M3W64CC Firmware
Intel NUC 6i7KYK BIOS<0066
Intel NUC6i7KYK Firmware
Intel NUC Kit NUC6i5SYH Firmware<0072
Intel NUC Kit NUC6i5SYH Firmware
Intel NUC 7 CJYH Firmware<0053
Intel NUC kit NUC7CJYH
Intel CD1M3128MK Firmware<0058
Intel Compute Card CD1M3128MK
Intel CD1IV128MK Firmware<0038
Intel Compute Card CD1IV128MK
Intel NUC6CAYS Firmware<0064
Intel NUC6CAYS Firmware
Intel NUC Board DE3815TYBE<0024
Intel NUC Board DE3815TYBE
Intel D34010WYB Firmware<0054
Intel D34010WYB Firmware

Remedy

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-14611?

    CVE-2019-14611 is an integer overflow vulnerability in the firmware for Intel(R) NUC(R) that may allow a privileged user to potentially enable escalation of privilege via local access.

  • What is the severity of CVE-2019-14611?

    CVE-2019-14611 has a severity rating of 6.7 (Medium).

  • Which software is affected by CVE-2019-14611?

    The following software is affected by CVE-2019-14611: Intel NUC 8 Mainstream Game Kit Firmware, Intel NUC 8 Mainstream Game Mini Computer Firmware, Intel Nuc8i7bek Firmware, Intel Cd1p64gk Firmware, Intel Nuc8i3cysm Firmware, Intel Nuc8i7hnk Firmware, Intel Nuc7i7dnke Firmware, Intel Nuc7i5dnke Firmware, Intel Nuc7i3dnhe Firmware, Intel Stk2mv64cc Firmware, Intel Stk2m3w64cc Firmware, Intel Nuc6i7kyk Firmware, Intel Nuc6i5syh Firmware, Intel Nuc7cjyh Firmware, Intel Cd1m3128mk Firmware, Intel Cd1iv128mk Firmware, Intel Nuc6cays Firmware, Intel De3815tybe Firmware, and Intel D34010wyb Firmware.

  • How can I fix CVE-2019-14611?

    To fix CVE-2019-14611, update the firmware of the affected Intel NUC devices to the latest version provided by Intel.

  • Where can I find more information about CVE-2019-14611?

    You can find more information about CVE-2019-14611 on the Intel Security Center Advisory page: [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203