Intel rolls out security updates for seven products

News by Doug Olenick

Intel has patched several vulnerabilities, including three high-rated issues that cover Intel's NUC (CVE-2019-11140), Processor Identification Utility for Windows (CVE-2019-11163) and Computing Improvement Program (CVE-2019-11162)

Intel has released a series of security updates crossing seven product lines with three rated high and four carrying a medium severity rating.

The three high-rated issues cover Intel’s NUC (CVE-2019-11140), Processor Identification Utility for Windows (CVE-2019-11163) and Computing Improvement Program (CVE-2019-11162).

The NUC vulnerability is due to an insufficient session validation in system firmware that could lead to a privileged user to potentially enable escalation of privilege, denial of service and or information disclosure via local access.

CVE-2019-11163 is an insufficient access control in a hardware abstraction driver issue impacting versions before 6.1.0731 and which could allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

The Computing Improvement Program flaw is based on insufficient access control in hardware abstraction in SEMA driver for the product that if exploited could let an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

The medium-rated problems can be found in Intel RAID Web Console 2AuthenticateDriver & Support Assistant and Remote Displays SDK.

Intel has released patches for all included issues.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews