cvelistv5 - CVE-2019-11127

CVE-2019-11127 (GCVE-0-2019-11127)

Vulnerability from cvelistv5

Published

2019-06-13 15:36

Modified

2024-08-04 22:48

Severity ?

CWE

escalation of privilege, denial of service and/or information disclosure

Summary

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

References

URL

	Vendor	Product	Version
	n/a	Intel(R) NUC Firmware	Version: Please see reference document.

ghsa-jwcp-99mg-4j5m

Vulnerability from github

Published

2022-05-24 16:47

Modified

2024-04-04 00:57

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11127"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-13T16:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
  "id": "GHSA-jwcp-99mg-4j5m",
  "modified": "2024-04-04T00:57:09Z",
  "published": "2022-05-24T16:47:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11127"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108766"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2019-11127

Vulnerability from fkie_nvd

Published

2019-06-13 16:29

Modified

2024-11-21 04:20

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/108766	Third Party Advisory, VDB Entry
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html
nvd@nist.gov	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108766	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html

Impacted products

Vendor	Product	Version
intel	nuc_kit_firmware	-
intel	nuc_kit_nuc8i3bex	-
intel	nuc_kit_nuc8i3bex	nuc_kit_d34010wyx
intel	nuc_kit_nuc8i3bex	nuc_kit_d54250wyx
intel	nuc_kit_nuc8i3bex	nuc_kit_de3815tyb
intel	nuc_kit_nuc8i3bex	nuc_kit_dn2820fykh
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5cpyh
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5i3myx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5i3ryx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5i5myx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5i5ryx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5i7ryx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5pgyh
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc5ppyh
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc6cayx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc6i3syx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc6i5syx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc6i7kyk
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7cjy
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i3bnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i3dnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i5bnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i5dnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i7bnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7i7dnx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc7pjy
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc8i3cyx
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc8i5bex
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc8i7bex
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc8i7hnk
intel	nuc_kit_nuc8i3bex	nuc_kit_nuc8i7hvk
intel	compute_card_firmware	-
intel	compute_card_cd1c64gk	-
intel	compute_card_cd1iv128mk	-
intel	compute_card_cd1m3128mk	-
intel	compute_card_cd1p64gk	-
intel	compute_stick_firmware	-
intel	compute_stick_stck1a32wfc	-
intel	compute_stick_stck1a8lfc	-
intel	compute_stick_stk2m364cc	-
intel	compute_stick_stk2m3w64cc	-
intel	compute_stick_stk2mv64cc	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D13413-C312-450A-90D5-48BEB1A9036E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C02113-34E3-4C07-93D3-4AA22E9217DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E48A01-63CF-4C0F-836B-2BB06A28094F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED26383-FE24-4730-9593-1B87B51AA651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
              "matchCriteriaId": "633D585D-B1A7-4DEF-AC47-F513088F94FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D3091A-D8C4-40AD-958C-C1CDB7C250EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C44293-9E69-4E3E-A59B-27138066B105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B548392-6051-44CA-B8A8-DB3886CE7FBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
              "matchCriteriaId": "511FE5B3-5AE5-4428-BA4A-5B45941D9B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC61C3BA-8456-4851-A1F0-E1D6A47F938E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F930E-F0E1-4611-B205-E0169ECD9491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B59679-B316-46FC-9426-72A8D95B0DE7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8728A26-E1A4-4215-8FFE-3638782DA739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6637B704-3905-4F6A-A2CF-DB18E2A776C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE1C6ED2-180E-4C53-8B3A-A9A67FEE2FDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
              "matchCriteriaId": "548B342B-0E6C-4E74-BF67-450D0E84BA9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBFF3B1-237E-4E0D-8B94-E9F2215851E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5262A4-2C3B-4801-870B-3F4D431DEC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F5E5C2-F307-45CF-ABAF-89164FF2746B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1903DA-B3FF-4B9B-941D-6F9AD0EBF2A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B2AFD1-357D-473A-A5A1-ED8F20FBE3A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5CDAC90-836E-45B3-BFA3-32268E54064A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8FE994-6637-4109-A050-C98A0A1BEFEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
              "matchCriteriaId": "09834DD2-6FD4-4A70-AAAF-EF1814DF0732",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
              "matchCriteriaId": "93745511-0B33-4F55-9021-318B751087A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DFFFA1-B4CD-44FA-9FDB-1DCC39E06491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23E8A97-3460-4C6F-BA5C-0188DF367AB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D44CAA8-EAA5-4997-8C43-169D96776D0F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86F9BA9-430F-4081-925F-0F59E1ADF1D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A2B949-34AB-4C5D-84C0-CC502A887208",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05A36D1-E417-4904-9DBB-C5828F6521B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17AA0B4A-67AF-466E-BCA6-A8654CA99406",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4E8B2EE-302C-4019-A20E-025AAB7E8C9E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento en el Buffer en el system Firmware para Inte(R) NUC KIT puede permitir a un usuario privilegiado habilitar potencialmente un aumento de denegaci\u00f3n de servicio y/o revelaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local"
    }
  ],
  "id": "CVE-2019-11127",
  "lastModified": "2024-11-21T04:20:34.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-13T16:29:01.497",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Multiple Intel NUC Kits are prone to multiple unspecified security vulnerabilities. Attackers can leverage these issues to gain elevated privileges, cause denial-of-service conditions or obtain sensitive information. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201906-1234",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "compute card",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute stick",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "accelerated storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "chipset device software",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute card",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "compute stick",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core i3",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core i5",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "core x-series",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "omni-path fabric manager gui",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor 2000 series"
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor 3000 series"
      },
      {
        "model": "pentium",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor g series"
      },
      {
        "model": "proset/wireless software driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "raid web console v3",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows"
      },
      {
        "model": "sgx dcap linux driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "sgx linux client driver",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "turbo boost max technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v3 family"
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v5 family"
      },
      {
        "model": "xeon",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "processor e7 v7 family"
      },
      {
        "model": "ite tech* consumer infrared driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows 10"
      },
      {
        "model": "open cloud integrity technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "openattestation",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kitnuc6cayx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i7hvk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i7hnk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i7bex bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i5bex bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i3cyx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc8i3bex bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7pjy bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i7dnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i7bnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i5dnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i5bnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i3dnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7i3bnx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc7cjy bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc6i7kyk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc6i5syx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc6i3syx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5ppyh bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5pgyh bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5i7ryx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5i5ryx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5i5myx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5i3ryx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5i3myx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit nuc5cpyh bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit dn2820fykh bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit de3815tyb bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit d54250wyx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kit d34010wyx bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute stick stk2mv64cc bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute stick stk2m3w64cc bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute stick stk2m364cc bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute stick stck1a8lfc bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute stick stck1a32wfc bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute card cd1p64gk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute card cd1m3128mk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute card cd1iv128mk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "compute card cd1c64gk bios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc kitnuc6cayx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0060"
      },
      {
        "model": "nuc kit nuc8i7hvk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0054"
      },
      {
        "model": "nuc kit nuc8i7hnk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0054"
      },
      {
        "model": "nuc kit nuc8i7bex bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0071"
      },
      {
        "model": "nuc kit nuc8i5bex bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0071"
      },
      {
        "model": "nuc kit nuc8i3cyx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0040"
      },
      {
        "model": "nuc kit nuc8i3bex bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0071"
      },
      {
        "model": "nuc kit nuc7pjy bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0049"
      },
      {
        "model": "nuc kit nuc7i7dnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0063"
      },
      {
        "model": "nuc kit nuc7i7bnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0079"
      },
      {
        "model": "nuc kit nuc7i5dnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0063"
      },
      {
        "model": "nuc kit nuc7i5bnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0079"
      },
      {
        "model": "nuc kit nuc7i3dnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0063"
      },
      {
        "model": "nuc kit nuc7i3bnx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0079"
      },
      {
        "model": "nuc kit nuc7cjy bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0049"
      },
      {
        "model": "nuc kit nuc6i7kyk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0062"
      },
      {
        "model": "nuc kit nuc6i5syx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0070"
      },
      {
        "model": "nuc kit nuc6i3syx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0070"
      },
      {
        "model": "nuc kit nuc5ppyh bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0076"
      },
      {
        "model": "nuc kit nuc5pgyh bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0076"
      },
      {
        "model": "nuc kit nuc5i7ryx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0379"
      },
      {
        "model": "nuc kit nuc5i5ryx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0379"
      },
      {
        "model": "nuc kit nuc5i5myx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0051"
      },
      {
        "model": "nuc kit nuc5i3ryx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0379"
      },
      {
        "model": "nuc kit nuc5i3myx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0054"
      },
      {
        "model": "nuc kit nuc5cpyh bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0076"
      },
      {
        "model": "nuc kit dn2820fykh bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0067"
      },
      {
        "model": "nuc kit de3815tyb bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0065"
      },
      {
        "model": "nuc kit de3815tyb bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0020"
      },
      {
        "model": "nuc kit d54250wyx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0051"
      },
      {
        "model": "nuc kit d34010wyx bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0051"
      },
      {
        "model": "compute stick stk2mv64cc bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0060"
      },
      {
        "model": "compute stick stk2m3w64cc bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0060"
      },
      {
        "model": "compute stick stk2m364cc bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0060"
      },
      {
        "model": "compute stick stck1a8lfc bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0039"
      },
      {
        "model": "compute stick stck1a32wfc bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0039"
      },
      {
        "model": "compute card cd1p64gk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0050"
      },
      {
        "model": "compute card cd1m3128mk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0056"
      },
      {
        "model": "compute card cd1iv128mk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0036"
      },
      {
        "model": "compute card cd1c64gk bios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0050"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:intel:accelerated_storage_manager",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:chipset_device_software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:compute_card_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:compute_stick_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:core_i3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:core_i5",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:core_x-series",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc_kit_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:omni-path_fabric_manager_gui",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:pentium",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:intel:proset%2Fwireless_software_and_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:intel:raid_web_console_3",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:sgx_dcap_linux_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:sgx_linux_client_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:turbo_boost_max_technology",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:xeon",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:ite_tech_consumer_infrared_driver",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:open_cloud_integrity_technology",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:openattestation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "and Malyutin Maksim.,Alexander Ermolov ,Ruslan Zakirov",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-11127",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-11127",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-142742",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "id": "CVE-2019-11127",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-11127",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201906-552",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142742",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-11127",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Multiple Intel NUC Kits are prone to multiple unspecified security vulnerabilities. \nAttackers can leverage these issues to gain elevated privileges, cause  denial-of-service conditions or obtain sensitive information. Intel NUC Kit is a small desktop computer produced by Intel Corporation of the United States. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      },
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11127",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "108766",
        "trust": 2.1
      },
      {
        "db": "JVN",
        "id": "JVNVU95572531",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.2099",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-142742",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "id": "VAR-201906-1234",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      }
    ],
    "trust": 0.8407131071428573
  },
  "last_update_date": "2024-11-23T20:02:18.405000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "[INTEL-SA-00248] Open Cloud Integrity Technology and OpenAttestation Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00248.html"
      },
      {
        "title": "[INTEL-SA-00257] Intel Omni-Path Fabric Manager GUI Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
      },
      {
        "title": "[INTEL-SA-00259] Intel RAID Web Console 3 for Windows* Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html"
      },
      {
        "title": "[INTEL-SA-00224] Intel Chipset Device Software (INF Update Utility) Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html"
      },
      {
        "title": "[INTEL-SA-00264] Intel NUC Firmware Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
      },
      {
        "title": "[INTEL-SA-00226] Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html"
      },
      {
        "title": "[INTEL-SA-00206] ITE Tech* Consumer Infrared Driver for Windows 10 Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00206.html"
      },
      {
        "title": "[INTEL-SA-00232] Intel PROSet/Wireless WiFi Software Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
      },
      {
        "title": "[INTEL-SA-00235] Intel SGX for Linux Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00235.html"
      },
      {
        "title": "[INTEL-SA-00243] Intel Turbo Boost Max Technology 3.0 Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html"
      },
      {
        "title": "[INTEL-SA-00247] Partial Physical Address Leakage Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html"
      },
      {
        "title": "Intel NUC Kit Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93785"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/108766"
      },
      {
        "trust": 2.1,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
      },
      {
        "trust": 1.7,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11127"
      },
      {
        "trust": 0.9,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0130"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0179"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11123"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0136"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0180"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11124"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0157"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0181"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11125"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0164"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0182"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11126"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11127"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0174"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0183"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11128"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0175"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11092"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11129"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3702"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0177"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11117"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0128"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0178"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11119"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu95572531"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0128"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0178"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11119"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0130"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0179"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11123"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0180"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11124"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0157"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0181"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11125"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0164"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0182"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11126"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0174"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0183"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0175"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11092"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11128"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3702"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0177"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11117"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11129"
      },
      {
        "trust": 0.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.2099/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/intel-patches-nuc-firmware/145620/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "date": "2019-06-11T00:00:00",
        "db": "BID",
        "id": "108766"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "date": "2019-06-13T16:29:01.497000",
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142742"
      },
      {
        "date": "2019-06-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11127"
      },
      {
        "date": "2019-06-11T00:00:00",
        "db": "BID",
        "id": "108766"
      },
      {
        "date": "2019-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      },
      {
        "date": "2019-06-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      },
      {
        "date": "2024-11-21T04:20:34.887000",
        "db": "NVD",
        "id": "CVE-2019-11127"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "108766"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Multiple vulnerabilities in the product",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004980"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201906-552"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2019-42732

Vulnerability from cnvd

Title

Intel NUC Kit缓冲区溢出漏洞（CNVD-2019-42732）

Description

Intel NUC Kit是美国英特尔（Intel）公司的一款小型台式电脑。 Intel NUC Kit中的系统固件存在缓冲区溢出漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

Severity

中

Patch Name

Intel NUC Kit缓冲区溢出漏洞（CNVD-2019-42732）的补丁

Patch Description

Intel NUC Kit是美国英特尔（Intel）公司的一款小型台式电脑。 Intel NUC Kit中的系统固件存在缓冲区溢出漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html

Reference

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html

Impacted products

Name
Intel NUC kits

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11127",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11127"
    }
  },
  "description": "Intel NUC Kit\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u53f0\u5f0f\u7535\u8111\u3002\n\nIntel NUC Kit\u4e2d\u7684\u7cfb\u7edf\u56fa\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-42732",
  "openTime": "2019-11-28",
  "patchDescription": "Intel NUC Kit\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5c0f\u578b\u53f0\u5f0f\u7535\u8111\u3002\r\n\r\nIntel NUC Kit\u4e2d\u7684\u7cfb\u7edf\u56fa\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel NUC Kit\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-42732\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Intel NUC kits"
  },
  "referenceLink": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
  "serverity": "\u4e2d",
  "submitTime": "2019-06-14",
  "title": "Intel NUC Kit\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-42732\uff09"
}

CERTFR-2019-AVI-271

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Core X-series Processors, 4th Generation Intel Core i5 Processors,4th Generation Intel Core i3 Processors, Intel Pentium Processor G Series, Intel Pentium Processor 3000 Series, Intel Celeron Processor 2000 Series, Intel Xeon Processor E7 v3 Family, Intel Xeon Processor E5 v3 Family et Intel Xeon Processor E3 v3 Family
Intel	N/A	ITE Tech Consumer Infrared Driver pour Windows 10 versions antérieures à 5.4.3.0
Intel	N/A	Intel NUC, vérifier sur le site du constructeur pour les versions vulnérables (cf. section Documentation).
Intel	N/A	Intel Omni-Path Fabric Manager GUI versions antérieures à 10.9.2.1.1
Intel	N/A	Intel Accelerated Storage Manager dans Intel RSTe versions antérieures à 5.5.0.2015
Intel	N/A	Intel RAID Web Console 3 pour Windows versions antérieures à 7.009.011.000
Intel	N/A	Intel Turbo Boost Max Technology 3.0 microgiciels versions 1.0.0.1035 et antérieures
Intel	N/A	Intel PROSet/Wireless WiFi Software versions antérieures à 21.10 pour Microsoft Windows 7, 8.1 et 10
Intel	N/A	Intel SGX DCAP Linux driver versions antérieures à 1.1
Intel	N/A	Intel Chipset Device Software (INF Update Utility) versions antérieures à 10.1.1.45
Intel	N/A	Intel SGX Linux client driver versions antérieures à 2.5

References

Title

Publication Time

gsd-2019-11127

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Aliases

CVE-2019-11127

Aliases

CVE-2019-11127

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11127",
    "description": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
    "id": "GSD-2019-11127"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11127"
      ],
      "details": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",
      "id": "GSD-2019-11127",
      "modified": "2023-12-13T01:24:02.563065Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11127",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) NUC Firmware",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Please see reference document."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "escalation of privilege, denial of service and/or information disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
          },
          {
            "name": "108766",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108766"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_de3815tyb:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_dn2820fykh:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5cpyh:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3bnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d54250wyx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3myx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5myx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i5syx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7cjy:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7pjy:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i5bex:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i7ryx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5pgyh:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5ppyh:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6cayx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7bex:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hnk:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i7hvk:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i3dnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5bnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i5dnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7bnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_d34010wyx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i3ryx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc5i5ryx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i3syx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc6i7kyk:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc7i7dnx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc_kit_nuc8i3bex:nuc_kit_nuc8i3cyx:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_card_cd1c64gk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11127"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108766",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/108766"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html?wapkw=2019-11129"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-06-24T16:15Z",
      "publishedDate": "2019-06-13T16:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-11127 (GCVE-0-2019-11127)

Vulnerability from cvelistv5

ghsa-jwcp-99mg-4j5m

Vulnerability from github

fkie_cve-2019-11127

Vulnerability from fkie_nvd

var-201906-1234

Vulnerability from variot

cnvd-2019-42732

Vulnerability from cnvd

CERTFR-2019-AVI-271

Vulnerability from certfr_avis

Solution

gsd-2019-11127

Vulnerability from gsd

Tags

Sightings

Nomenclature