Vulnerability CVE-2019-0120


Published: 2019-05-17

Description:
Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

Type:

CWE-284

(Improper Access Control)

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Intel -> Celeron n3000 firmware 
Intel -> Celeron n3350 firmware 
Intel -> Atom 230 firmware 
Intel -> Celeron n3450 firmware 
Intel -> Atom 330 firmware 
Intel -> Celeron n4000 firmware 
Intel -> Atom x5-e3930 firmware 
Intel -> Celeron n4100 firmware 
Intel -> Atom x5-e3940 firmware 
Intel -> J3710 firmware 
Intel -> Atom x7-e3950 firmware 
Intel -> J4205 firmware 
Intel -> Celeron j3060 firmware 
Intel -> J5005 firmware 
Intel -> Celeron j3160 firmware 
Intel -> N3530 firmware 
Intel -> Celeron j3355 firmware 
Intel -> N3540 firmware 
Intel -> Celeron j3455 firmware 
Intel -> N5000 firmware 
Intel -> Celeron j4005 firmware 
Intel -> Pentium silver j5005 firmware 
Intel -> Celeron j4105 firmware 
Intel -> Pentium silver n5000 firmware 
Intel -> Celeron n2830 firmware 
Intel -> Celeron n2840 firmware 
Intel -> Celeron n2930 firmware 
Intel -> Celeron n2940 firmware 

 References:
http://www.securityfocus.com/bid/108485
https://support.f5.com/csp/article/K29002929
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html

Copyright 2024, cxsecurity.com

 

Back to Top