CVE-2019-14609 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.7 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
intel	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Vendor	Product	Version
intel	nuc_8_mainstream_game_kit_firmware	𝑥 < 0036
intel	nuc_8_mainstream_game_mini_computer_firmware	𝑥 < 0036
intel	nuc8i7bek_firmware	𝑥 < 0077
intel	cd1p64gk_firmware	𝑥 < 0053
intel	nuc8i3cysm_firmware	𝑥 < 0043
intel	nuc8i7hnk_firmware	𝑥 < 0059
intel	nuc7i7dnke_firmware	𝑥 < 0067
intel	nuc7i5dnke_firmware	𝑥 < 0067
intel	nuc7i3dnhe_firmware	𝑥 < 0067
intel	stk2mv64cc_firmware	𝑥 < 0061
intel	stk2m3w64cc_firmware	𝑥 < 0062
intel	nuc6i7kyk_firmware	𝑥 < 0066
intel	nuc6i5syh_firmware	𝑥 < 0072
intel	nuc7cjyh_firmware	𝑥 < 0053
intel	cd1m3128mk_firmware	𝑥 < 0058
intel	cd1iv128mk_firmware	𝑥 < 0038
intel	nuc6cays_firmware	𝑥 < 0064
intel	de3815tybe_firmware	𝑥 < 0024
intel	d34010wyb_firmware	𝑥 < 0054

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00323.html