CVE-2019-0120 - Vulnerability Details

Description

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

Published: 2019-05-17

Score: 4.4 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Intel(R) Unified Extensible Firmware Interface (UEFI)

affected

Version	Status	Constraints
`Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series.`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:intel:j5005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j5005:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:intel:j4205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j4205:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:intel:j3710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:j3710:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:intel:n3540_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n3540:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:intel:n3530_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n3530:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:intel:n5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:n5000:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:intel:celeron_j4005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:intel:celeron_n4100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:intel:celeron_n4000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:intel:celeron_j4105_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:intel:celeron_j3355_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:intel:celeron_n3350_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:intel:celeron_j3455_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:intel:celeron_n3450_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:intel:celeron_j3060_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:intel:celeron_j3160_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:intel:celeron_n3000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:intel:celeron_n2940_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:intel:celeron_n2840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:intel:celeron_n2930_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:intel:celeron_n2830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:intel:atom_330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_330:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:intel:atom_230_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_230:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:intel:atom_x5-e3930_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:intel:atom_x5-e3940_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:intel:atom_x7-e3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:intel:pentium_silver_j5005_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:intel:pentium_silver_n5000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2019-0927	Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00046.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://www.securityfocus.com/bid/108485
https://support.f5.com/csp/article/K29002929
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html

History

No history.

Subscriptions

Intel Atom 230 Atom 230 Firmware Atom 330 Atom 330 Firmware Atom X5-e3930 Atom X5-e3930 Firmware Atom X5-e3940 Atom X5-e3940 Firmware Atom X7-e3950 Atom X7-e3950 Firmware Celeron J3060 Celeron J3060 Firmware Celeron J3160 Celeron J3160 Firmware Celeron J3355 Celeron J3355 Firmware Celeron J3455 Celeron J3455 Firmware Celeron J4005 Celeron J4005 Firmware Celeron J4105 Celeron J4105 Firmware Celeron N2830 Celeron N2830 Firmware Celeron N2840 Celeron N2840 Firmware Celeron N2930 Celeron N2930 Firmware Celeron N2940 Celeron N2940 Firmware Celeron N3000 Celeron N3000 Firmware Celeron N3350 Celeron N3350 Firmware Celeron N3450 Celeron N3450 Firmware Celeron N4000 Celeron N4000 Firmware Celeron N4100 Celeron N4100 Firmware J3710 J3710 Firmware J4205 J4205 Firmware J5005 J5005 Firmware N3530 N3530 Firmware N3540 N3540 Firmware N5000 N5000 Firmware Pentium Silver J5005 Pentium Silver J5005 Firmware Pentium Silver N5000 Pentium Silver N5000 Firmware

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2019-05-17T15:41:38.000Z

Updated: 2024-08-04T17:44:14.498Z

Reserved: 2018-11-13T00:00:00.000Z

Link: CVE-2019-0120

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-05-17T16:29:01.843

Modified: 2024-11-21T04:16:16.273

Link: CVE-2019-0120

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-522

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object