Skip to main content

Core I7 6970Hq Firmware CVE-2019-0123

HIGH
2019-11-14 secure@intel.com
Privilege Escalation Intel Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware Core I7 6822Eq Firmware Core I7 6820Hq Firmware Core I7 6820Hk Firmware Core I7 6820Eq Firmware Core I7 6785R Firmware Core I7 6700K Firmware Core I7 6700T Firmware Core I7 6700Te Firmware Core I7 6700 Firmware Core I7 6770Hq Firmware Core I7 6700Hq Firmware Core I7 6660U Firmware Core I7 6650U Firmware Core I7 6600U Firmware Core I7 6567U Firmware Core I7 6560U Firmware Core I7 6500U Firmware Core I7 7920Hq Firmware Core I7 7820Hq Firmware Core I7 7820Hk Firmware Core I7 7820Eq Firmware Core I7 7700Hq Firmware Core I7 7700 Firmware Core I7 7700K Firmware Core I7 7700T Firmware Core I7 7660U Firmware Core I7 7600U Firmware Core I7 7567U Firmware Core I7 7560U Firmware Core I7 7500U Firmware Core I7 7Y75 Firmware Core I7 8665Ue Firmware Core I7 8665U Firmware Core I7 8557U Firmware Core I7 8850H Firmware Core I7 8809G Firmware Core I7 8750H Firmware Core I7 8709G Firmware Core I7 8706G Firmware Core I7 8705G Firmware Core I7 8700T Firmware Core I7 8700K Firmware Core I7 8700B Firmware Core I7 8700 Firmware Core I7 8569U Firmware Core I7 8650U Firmware Core I7 8565U Firmware Core I7 8559U Firmware Core I7 8550U Firmware Core I7 8500Y Firmware Core I7 8086K Firmware Core I9 9980Hk Firmware Core I9 9880H Firmware Core I9 9900T Firmware Core I9 9900Ks Firmware Core I9 9900Kf Firmware Core I9 9900K Firmware Core I9 9900 Firmware Core I7 9850Hl Firmware Core I7 9850He Firmware Core I7 9850H Firmware Core I7 9750Hf Firmware Core I7 9750H Firmware Core I7 9700Te Firmware Core I7 9700T Firmware Core I7 9700Kf Firmware Core I7 9700K Firmware Core I7 9700F Firmware Core I7 9700E Firmware Core I7 9700 Firmware Core I7 10710U Firmware Core I7 10510U Firmware Core I7 10510Y Firmware Xeon E3 1585 V5 Firmware Xeon E3 1585L V5 Firmware Xeon E3 1578L V5 Firmware Xeon E3 1575M V5 Firmware Xeon E3 1565L V5 Firmware Xeon E3 1558L V5 Firmware Xeon E3 1545M V5 Firmware Xeon E3 1535M V5 Firmware Xeon E3 1515M V5 Firmware Xeon E3 1505M V5 Firmware Xeon E3 1505L V5 Firmware Xeon E3 1280 V5 Firmware Xeon E3 1275 V5 Firmware Xeon E3 1270 V5 Firmware Xeon E3 1268L V5 Firmware Xeon E3 1260L V5 Firmware Xeon E3 1245 V5 Firmware Xeon E3 1240L V5 Firmware Xeon E3 1240 V5 Firmware Xeon E3 1235L V5 Firmware Xeon E3 1230 V5 Firmware Xeon E3 1225 V5 Firmware Xeon E3 1220 V5 Firmware Xeon E3 1535M V6 Firmware Xeon E3 1505M V6 Firmware Xeon E3 1505L V6 Firmware Xeon E3 1501L V6 Firmware Xeon E3 1501M V6 Firmware Xeon E3 1285 V6 Firmware Xeon E3 1280 V6 Firmware Xeon E3 1275 V6 Firmware Xeon E3 1270 V6 Firmware Xeon E3 1245 V6 Firmware Xeon E3 1240 V6 Firmware Xeon E3 1230 V6 Firmware Xeon E3 1225 V6 Firmware Xeon E3 1220 V6 Firmware Xeon E 2288G Firmware Xeon E 2286M Firmware Xeon E 2286G Firmware Xeon E 2278Gel Firmware Xeon E 2278Ge Firmware Xeon E 2278G Firmware Xeon E 2276Ml Firmware Xeon E 2276Me Firmware Xeon E 2276M Firmware Xeon E 2276G Firmware Xeon E 2274G Firmware Xeon E 2254Ml Firmware Xeon E 2254Me Firmware Xeon E 2246G Firmware Xeon E 2244G Firmware Xeon E 2236 Firmware Xeon E 2234 Firmware Xeon E 2226Ge Firmware Xeon E 2226G Firmware Xeon E 2224 Firmware Xeon E 2224G Firmware Xeon E 2186G Firmware Xeon E 2186M Firmware Xeon E 2176G Firmware Xeon E 2176M Firmware Xeon E 2174G Firmware Xeon E 2146G Firmware Xeon E 2144G Firmware Xeon E 2136 Firmware Xeon E 2134 Firmware Xeon E 2126G Firmware Xeon E 2124 Firmware Xeon E 2124G Firmware
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 14, 2019 - 20:15 nvd
HIGH 7.8

DescriptionNVD

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access.

AnalysisAI

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Core I7-6970Hq Firmware, Intel Core I7-6920Hq Firmware, Intel Core I7-6870Hq Firmware, Intel Core I7-6822Eq Firmware, Intel Core I7-6820Hq Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-0124 HIGH
7.8 Nov 14

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privi

CVE-2019-0155 HIGH
7.8 Nov 14

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R)

CVE-2019-11157 MEDIUM
6.7 Dec 16

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially en

CVE-2022-29901 MEDIUM
6.5 Jul 12

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mit

CVE-2022-21180 MEDIUM
5.5 Jun 15

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of

CVE-2022-21151 MEDIUM
5.5 May 12

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authe

CVE-2020-8695 MEDIUM
5.5 Nov 12

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially ena

CVE-2020-8694 MEDIUM
5.5 Nov 12

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to p

CVE-2020-0549 MEDIUM
5.5 Jan 28

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially

CVE-2020-0548 MEDIUM
5.5 Jan 28

Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure

CVE-2019-0185 MEDIUM
5.5 Nov 14

Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM)

CVE-2019-0154 MEDIUM
5.5 Nov 14

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) C

Share

CVE-2019-0123 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy