CVE-2019-14607 — Improper Check for Unusual or Exceptional Conditions in Intel-microcode

CWE-754 — Improper Check for Unusual or Exceptional Conditions4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 63.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Intel-microcode

Timeline

PublishedDec 16

Latest updateMay 24

Description

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages1 packages

▶debiandebian/intel-microcode< intel-microcode 3.20191115.1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-x286-gjf2-c426: Improper conditions check in multiple Intel? Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial↗2022-05-24

▶

OSV

CVE-2019-14607: Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial↗2019-12-16

▶

📋Vendor Advisories

Debian

CVE-2019-14607: intel-microcode - Improper conditions check in multiple Intel® Processors may allow an authenticat...↗2019

▶