Improper Check or Handling of Exceptional Conditions in Intel products - CVE-2019-14607
Published: December 11, 2019
Vulnerability identifier: #VU23547
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-14607
CWE-ID: CWE-703
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
2nd Generation Intel Xeon Scalable Processors
Intel Xeon D Processors
Intel Xeon W Processors
8th Generation Intel Core i9
9th Generation Intel Core i9
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E Family
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Xeon Scalable Processors
2nd Generation Intel Xeon Scalable Processors
Intel Xeon D Processors
Intel Xeon W Processors
8th Generation Intel Core i9
9th Generation Intel Core i9
Intel Xeon Processor E3 v5 Family
Intel Xeon Processor E3 v6 Family
Intel Xeon Processor E Family
6th Generation Intel Core Processors
7th Generation Intel Core Processors
8th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Xeon Scalable Processors
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper conditions check. A local user can enable partial escalation of privilege and cause a denial of service and/or information disclosure on the target system.
How to mitigate CVE-2019-14607
Install updates from vendor's website.