CVE-2019-0126
MEDIUMIntel Xeon D and Xeon Scalable Processor Firmware - Privilege Escalation and Denial of Service via Local Access
Title source: llmDescription
Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108485
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K37428370
Scores
CVSS v3
6.7
EPSS
0.0004
EPSS Percentile
13.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (48)
intel/xeon_bronze_processors_firmware
intel/xeon_d-1513n_firmware
intel/xeon_d-1518_firmware
intel/xeon_d-1520_firmware
intel/xeon_d-1521_firmware
intel/xeon_d-1523n_firmware
intel/xeon_d-1527_firmware
intel/xeon_d-1528_firmware
intel/xeon_d-1529_firmware
intel/xeon_d-1531_firmware
... and 38 more
Published
May 17, 2019
Tracked Since
Feb 18, 2026