medium
6.7
CWE
787
Advisory Published
Updated

CVE-2019-14612

First published: Mon Dec 16 2019(Updated: )

Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.

Credit: secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel Nuc 8 Mainstream Game Kit Firmware<0036
Intel Nuc 8 Mainstream Game Kit
Intel Nuc 8 Mainstream Game Mini Computer Firmware<0036
Intel Nuc 8 Mainstream Game Mini Computer
Intel Nuc8i7bek Firmware<0077
Intel Nuc8i7bek
Intel Cd1p64gk Firmware<0053
Intel Cd1p64gk
Intel Nuc8i3cysm Firmware<0043
Intel Nuc8i3cysm
Intel Nuc8i7hnk Firmware<0059
Intel Nuc8i7hnk
Intel Nuc7i7dnke Firmware<0067
Intel Nuc7i7dnke
Intel Nuc7i5dnke Firmware<0067
Intel Nuc7i5dnke
Intel Nuc7i3dnhe Firmware<0067
Intel Nuc7i3dnhe
Intel Stk2mv64cc Firmware<0061
Intel Stk2mv64cc
Intel Stk2m3w64cc Firmware<0062
Intel Stk2m3w64cc
Intel Nuc6i7kyk Firmware<0066
Intel Nuc6i7kyk
Intel Nuc6i5syh Firmware<0072
Intel Nuc6i5syh
Intel Nuc7cjyh Firmware<0053
Intel Nuc7cjyh
Intel Cd1m3128mk Firmware<0058
Intel Cd1m3128mk
Intel Cd1iv128mk Firmware<0038
Intel Cd1iv128mk
Intel Nuc6cays Firmware<0064
Intel Nuc6cays
Intel De3815tybe Firmware<0024
Intel De3815tybe
Intel D34010wyb Firmware<0054
Intel D34010wyb

Remedy

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-14612?

    CVE-2019-14612 is a vulnerability in the firmware for Intel(R) NUC(R) that may allow a privileged user to potentially enable escalation of privilege via local access.

  • Which software is affected by CVE-2019-14612?

    The Intel NUC(R) 8 Mainstream Game Kit Firmware versions up to exclusive 0036, Intel NUC(R) 8 Mainstream Game Mini Computer Firmware versions up to exclusive 0036, Intel Nuc8i7bek Firmware versions up to exclusive 0077, Intel Cd1p64gk Firmware versions up to exclusive 0053, Intel Nuc8i3cysm Firmware versions up to exclusive 0043, Intel Nuc8i7hnk Firmware versions up to exclusive 0059, Intel Nuc7i7dnke Firmware versions up to exclusive 0067, Intel Nuc7i5dnke Firmware versions up to exclusive 0067, Intel Nuc7i3dnhe Firmware versions up to exclusive 0067, Intel Stk2mv64cc Firmware versions up to exclusive 0061, Intel Stk2m3w64cc Firmware versions up to exclusive 0062, Intel Nuc6i7kyk Firmware versions up to exclusive 0066, Intel Nuc6i5syh Firmware versions up to exclusive 0072, Intel Nuc7cjyh Firmware versions up to exclusive 0053, Intel Cd1m3128mk Firmware versions up to exclusive 0058, Intel Cd1iv128mk Firmware versions up to exclusive 0038, Intel Nuc6cays Firmware versions up to exclusive 0064, Intel De3815tybe Firmware versions up to exclusive 0024, and Intel D34010wyb Firmware versions up to exclusive 0054 are affected by CVE-2019-14612.

  • What is the severity of CVE-2019-14612?

    The severity of CVE-2019-14612 is medium with a CVSS score of 6.7.

  • How can I fix CVE-2019-14612?

    To fix CVE-2019-14612, it is recommended to update the firmware of the affected Intel NUC(R) devices to the latest versions available.

  • Where can I find more information about CVE-2019-14612?

    You can find more information about CVE-2019-14612 on the Intel Security Center advisory page at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203