Xeon Platinum 9282 Firmware
CVE-2019-14607
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
AnalysisAI
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-754. Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. Affected products include: Intel Xeon Platinum 9282 Firmware, Intel Xeon Platinum 9242 Firmware, Intel Xeon Platinum 9222 Firmware, Intel Xeon Platinum 9221 Firmware, Intel Xeon Platinum 8280M Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Xeon Platinum 9282 Firmware
View allInsufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially e
Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors
Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R)
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable infor
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today