CVE-2019-14610
moderate-risk
Published 2019-12-16
Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.
Do I need to act?
-
0.19% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (19)
Nuc 8 Mainstream Game Kit Firmware
Nuc 8 Mainstream Game Mini Computer Firmware
Nuc8I7Bek Firmware
Cd1P64Gk Firmware
Nuc8I3Cysm Firmware
Nuc8I7Hnk Firmware
Nuc7I7Dnke Firmware
Nuc7I5Dnke Firmware
Nuc7I3Dnhe Firmware
Stk2Mv64Cc Firmware
Stk2M3W64Cc Firmware
Nuc6I7Kyk Firmware
Nuc6I5Syh Firmware
Nuc7Cjyh Firmware
Cd1M3128Mk Firmware
Cd1Iv128Mk Firmware
Nuc6Cays Firmware
De3815Tybe Firmware
D34010Wyb Firmware
Affected Vendors
44
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
1/34 · Minimal
Exposure
19/34 · Moderate