CVE & CISA-KEV Catalog

CVE-2019-14611

MEDIUM
6.7
CVSS v3
NVD

Description

Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.

How to fix

Remediation Available
cd1iv128mk firmwareNVD
Affected:< 0038Fixed in:0038CVE-2019-14611derived from NVD
cd1m3128mk firmwareNVD
Affected:< 0058Fixed in:0058CVE-2019-14611derived from NVD
cd1p64gk firmwareNVD
Affected:< 0053Fixed in:0053CVE-2019-14611derived from NVD
d34010wyb firmwareNVD
Affected:< 0054Fixed in:0054CVE-2019-14611derived from NVD
de3815tybe firmwareNVD
Affected:< 0024Fixed in:0024CVE-2019-14611derived from NVD
nuc6cays firmwareNVD
Affected:< 0064Fixed in:0064CVE-2019-14611derived from NVD
nuc6i5syh firmwareNVD
Affected:< 0072Fixed in:0072CVE-2019-14611derived from NVD
nuc6i7kyk firmwareNVD
Affected:< 0066Fixed in:0066CVE-2019-14611derived from NVD
nuc7cjyh firmwareNVD
Affected:< 0053Fixed in:0053CVE-2019-14611derived from NVD
nuc7i3dnhe firmwareNVD
Affected:< 0067Fixed in:0067CVE-2019-14611derived from NVD
nuc7i5dnke firmwareNVD
Affected:< 0067Fixed in:0067CVE-2019-14611derived from NVD
nuc7i7dnke firmwareNVD
Affected:< 0067Fixed in:0067CVE-2019-14611derived from NVD
nuc8i3cysm firmwareNVD
Affected:< 0043Fixed in:0043CVE-2019-14611derived from NVD
nuc8i7bek firmwareNVD
Affected:< 0077Fixed in:0077CVE-2019-14611derived from NVD
nuc8i7hnk firmwareNVD
Affected:< 0059Fixed in:0059CVE-2019-14611derived from NVD
nuc 8 mainstream game kit firmwareNVD
Affected:< 0036Fixed in:0036CVE-2019-14611derived from NVD
nuc 8 mainstream game mini computer firmwareNVD
Affected:< 0036Fixed in:0036CVE-2019-14611derived from NVD
stk2m3w64cc firmwareNVD
Affected:< 0062Fixed in:0062CVE-2019-14611derived from NVD
stk2mv64cc firmwareNVD
Affected:< 0061Fixed in:0061CVE-2019-14611derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.34%probability of exploitation in 30 days
26thpercentile

Low risk: more likely to be exploited than 26% of all known CVEs.

References

Patch1

Related Vulnerabilities

Other CWE-190 (Integer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2020-16040Medium6.5100%-Fix
CVE-2019-11477High7.599%-Fix
CVE-2023-44443High7.894%-Fix
CVE-2014-0569High9.390%--
CVE-2017-3599High7.590%-Fix
CVE-2023-21716Critical9.882%-Fix
Embed a live status badge for CVE-2019-14611
CVE-2019-14611 severity badge

Markdown

[![CVE-2019-14611](https://tridentstack.com/cve/badge/CVE-2019-14611.svg)](https://tridentstack.com/cve/CVE-2019-14611)

HTML

<a href="https://tridentstack.com/cve/CVE-2019-14611"><img src="https://tridentstack.com/cve/badge/CVE-2019-14611.svg" alt="CVE-2019-14611"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.