Intel Ethernet Controller 710-Bm1 Firmware vulnerabilities

11 known vulnerabilities affecting intel/ethernet_controller_710-bm1_firmware.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM8

Vulnerabilities

Page 1 of 1
CVE-2019-0140HIGHCVSS 8.8fixed in 7.02019-11-14
CVE-2019-0140 [HIGH] CWE-120 CVE-2019-0140: Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allo Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.
nvd
CVE-2019-0142HIGHCVSS 8.2fixed in 1.33.0.02019-11-14
CVE-2019-0142 [HIGH] CVE-2019-0142: Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers befo Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
nvd
CVE-2019-0145HIGHCVSS 7.8fixed in 7.02019-11-14
CVE-2019-0145 [HIGH] CWE-120 CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
nvd
CVE-2019-0148MEDIUMCVSS 5.5fixed in 7.02019-11-14
CVE-2019-0148 [MEDIUM] CWE-772 CVE-2019-0148: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may al Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0144MEDIUMCVSS 6.5fixed in 7.02019-11-14
CVE-2019-0144 [MEDIUM] CWE-755 CVE-2019-0144: Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0146MEDIUMCVSS 5.5fixed in 2.8.432019-11-14
CVE-2019-0146 [MEDIUM] CWE-772 CVE-2019-0146: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0143MEDIUMCVSS 5.5fixed in 7.02019-11-14
CVE-2019-0143 [MEDIUM] CWE-755 CVE-2019-0143: Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions bef Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0139MEDIUMCVSS 6.7fixed in 7.02019-11-14
CVE-2019-0139 [MEDIUM] CVE-2019-0139: Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure via local access.
nvd
CVE-2019-0149MEDIUMCVSS 5.5fixed in 2.8.432019-11-14
CVE-2019-0149 [MEDIUM] CWE-20 CVE-2019-0149: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions b Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0147MEDIUMCVSS 5.5fixed in 7.02019-11-14
CVE-2019-0147 [MEDIUM] CWE-20 CVE-2019-0147: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions b Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
nvd
CVE-2019-0150MEDIUMCVSS 5.1fixed in 7.02019-11-14
CVE-2019-0150 [MEDIUM] CVE-2019-0150: Insufficient access control in firmware Intel(R) Ethernet 700 Series Controllers versions before 7.0 Insufficient access control in firmware Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access.
nvd