CVE-2019-14612
First published: Mon Dec 16 2019(Updated: )
Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel NUC 8 Mainstream Game Kit Firmware | <0036 | |
| Intel NUC 8 Mainstream-G Kit | ||
| Intel NUC 8 Mainstream-G | <0036 | |
| Intel NUC 8 Mainstream-G Mini PC | ||
| Intel NUC 8i7BEKQA Firmware | <0077 | |
| Intel NUC 8 i7 BEK | ||
| Intel CD1P64GK | <0053 | |
| Intel CD1P64GK Firmware | ||
| Intel NUC 8 Home NUC8i3Cysm Firmware | <0043 | |
| Intel NUC 8 Home PC NUC8i3Cysm | ||
| Intel NUC 8i7 HNK | <0059 | |
| Intel NUC 8i7 HNK | ||
| Intel NUC7i7DNKE Firmware | <0067 | |
| Intel NUC NUC7i7DNKE | ||
| Intel NUC7i5DNKE Firmware | <0067 | |
| Intel NUC7i5DNKE Firmware | ||
| Intel NUC 7i7DNHE | <0067 | |
| Intel NUC Kit NUC7i3DNHE | ||
| Intel Compute Element STK2MV64CC Firmware | <0061 | |
| Intel Compute Stick STK2MV64CC | ||
| Intel Compute Stick STK2M3W64CC Firmware | <0062 | |
| Intel Compute Stick STK2M3W64CC Firmware | ||
| Intel NUC 6i7KYK BIOS | <0066 | |
| Intel NUC6i7KYK Firmware | ||
| Intel NUC Kit NUC6i5SYH Firmware | <0072 | |
| Intel NUC Kit NUC6i5SYH Firmware | ||
| Intel NUC 7 CJYH Firmware | <0053 | |
| Intel NUC kit NUC7CJYH | ||
| Intel CD1M3128MK Firmware | <0058 | |
| Intel Compute Card CD1M3128MK | ||
| Intel CD1IV128MK Firmware | <0038 | |
| Intel Compute Card CD1IV128MK | ||
| Intel NUC6CAYS Firmware | <0064 | |
| Intel NUC6CAYS Firmware | ||
| Intel NUC Board DE3815TYBE | <0024 | |
| Intel NUC Board DE3815TYBE | ||
| Intel D34010WYB Firmware | <0054 | |
| Intel D34010WYB Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-14612?
CVE-2019-14612 is a vulnerability in the firmware for Intel(R) NUC(R) that may allow a privileged user to potentially enable escalation of privilege via local access.
Which software is affected by CVE-2019-14612?
The Intel NUC(R) 8 Mainstream Game Kit Firmware versions up to exclusive 0036, Intel NUC(R) 8 Mainstream Game Mini Computer Firmware versions up to exclusive 0036, Intel Nuc8i7bek Firmware versions up to exclusive 0077, Intel Cd1p64gk Firmware versions up to exclusive 0053, Intel Nuc8i3cysm Firmware versions up to exclusive 0043, Intel Nuc8i7hnk Firmware versions up to exclusive 0059, Intel Nuc7i7dnke Firmware versions up to exclusive 0067, Intel Nuc7i5dnke Firmware versions up to exclusive 0067, Intel Nuc7i3dnhe Firmware versions up to exclusive 0067, Intel Stk2mv64cc Firmware versions up to exclusive 0061, Intel Stk2m3w64cc Firmware versions up to exclusive 0062, Intel Nuc6i7kyk Firmware versions up to exclusive 0066, Intel Nuc6i5syh Firmware versions up to exclusive 0072, Intel Nuc7cjyh Firmware versions up to exclusive 0053, Intel Cd1m3128mk Firmware versions up to exclusive 0058, Intel Cd1iv128mk Firmware versions up to exclusive 0038, Intel Nuc6cays Firmware versions up to exclusive 0064, Intel De3815tybe Firmware versions up to exclusive 0024, and Intel D34010wyb Firmware versions up to exclusive 0054 are affected by CVE-2019-14612.
What is the severity of CVE-2019-14612?
The severity of CVE-2019-14612 is medium with a CVSS score of 6.7.
How can I fix CVE-2019-14612?
To fix CVE-2019-14612, it is recommended to update the firmware of the affected Intel NUC(R) devices to the latest versions available.
Where can I find more information about CVE-2019-14612?
You can find more information about CVE-2019-14612 on the Intel Security Center advisory page at https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/intel
- canonical/intel nuc 8 mainstream game kit firmware
- canonical/intel nuc 8 mainstream-g kit
- canonical/intel nuc 8 mainstream-g
- canonical/intel nuc 8 mainstream-g mini pc
- canonical/intel nuc 8i7bekqa firmware
- canonical/intel nuc 8 i7 bek
- canonical/intel cd1p64gk
- canonical/intel cd1p64gk firmware
- canonical/intel nuc 8 home nuc8i3cysm firmware
- canonical/intel nuc 8 home pc nuc8i3cysm
- canonical/intel nuc 8i7 hnk
- canonical/intel nuc7i7dnke firmware
- canonical/intel nuc nuc7i7dnke
- canonical/intel nuc7i5dnke firmware
- canonical/intel nuc 7i7dnhe
- canonical/intel nuc kit nuc7i3dnhe
- canonical/intel compute element stk2mv64cc firmware
- canonical/intel compute stick stk2mv64cc
- canonical/intel compute stick stk2m3w64cc firmware
- canonical/intel nuc 6i7kyk bios
- canonical/intel nuc6i7kyk firmware
- canonical/intel nuc kit nuc6i5syh firmware
- canonical/intel nuc 7 cjyh firmware
- canonical/intel nuc kit nuc7cjyh
- canonical/intel cd1m3128mk firmware
- canonical/intel compute card cd1m3128mk
- canonical/intel cd1iv128mk firmware
- canonical/intel compute card cd1iv128mk
- canonical/intel nuc6cays firmware
- canonical/intel nuc board de3815tybe
- canonical/intel d34010wyb firmware