Buffer Overflow Issue in Intel Xeon Processor and Server Products
CVE-2019-0119

6.7MEDIUM

Key Information:

Vendor
Intel
Status
Intel(r) Unified Extensible Firmware Interface (uefi)
Vendor
CVE Published:
17 May 2019

Summary

A buffer overflow vulnerability in the system firmware for select Intel Xeon Processor and Server products allows a privileged user to potentially execute unauthorized functions, leading to the escalation of privileges or a denial of service through local access. This flaw highlights the importance of maintaining firmware security to prevent malicious exploitation.

Affected Version(s)

Intel(R) Unified Extensible Firmware Interface (UEFI) Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module.

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_MISC
http://www.securityfocus.com/bid/108485
vdb-entryx_refsource_BID
https://support.f5.com/csp/article/K85585101
x_refsource_CONFIRM

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.