CVE-2019-0140
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.
Un desbordamiento del búfer en el firmware para Intel® Ethernet 700 Series Controllers versiones anteriores a la versión 7.0, puede habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso adyacente.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-11-13 CVE Reserved
- 2019-11-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html | 2021-05-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Intel Search vendor "Intel" | Ethernet Controller X710-tm4 Firmware Search vendor "Intel" for product "Ethernet Controller X710-tm4 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller X710-tm4 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller X710-tm4 Search vendor "Intel" for product "Ethernet Controller X710-tm4" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet Controller X710-at2 Firmware Search vendor "Intel" for product "Ethernet Controller X710-at2 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller X710-at2 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller X710-at2 Search vendor "Intel" for product "Ethernet Controller X710-at2" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet Controller Xxv710-am2 Firmware Search vendor "Intel" for product "Ethernet Controller Xxv710-am2 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller Xxv710-am2 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller Xxv710-am2 Search vendor "Intel" for product "Ethernet Controller Xxv710-am2" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet Controller Xxv710-am1 Firmware Search vendor "Intel" for product "Ethernet Controller Xxv710-am1 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller Xxv710-am1 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller Xxv710-am1 Search vendor "Intel" for product "Ethernet Controller Xxv710-am1" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet Controller X710-bm2 Firmware Search vendor "Intel" for product "Ethernet Controller X710-bm2 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller X710-bm2 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller X710-bm2 Search vendor "Intel" for product "Ethernet Controller X710-bm2" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet Controller 710-bm1 Firmware Search vendor "Intel" for product "Ethernet Controller 710-bm1 Firmware" | < 7.0 Search vendor "Intel" for product "Ethernet Controller 710-bm1 Firmware" and version " < 7.0" | - |
Affected
| in | Intel Search vendor "Intel" | Ethernet Controller 710-bm1 Search vendor "Intel" for product "Ethernet Controller 710-bm1" | - | - |
Safe
|
| Intel Search vendor "Intel" | Ethernet 700 Series Software Search vendor "Intel" for product "Ethernet 700 Series Software" | < 24.0 Search vendor "Intel" for product "Ethernet 700 Series Software" and version " < 24.0" | - |
Affected
| ||||||