CVE-2019-0140
HIGHIntel Ethernet Controller X710-tm4 Firmware < 7.0 - Buffer Overflow
Title source: ruleDescription
Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html
Scores
CVSS v3
8.8
EPSS
0.0037
EPSS Percentile
58.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (7)
intel/ethernet_700_series_software
< 24.0
intel/ethernet_controller_710-bm1_firmware
< 7.0
intel/ethernet_controller_x710-at2_firmware
< 7.0
intel/ethernet_controller_x710-bm2_firmware
< 7.0
intel/ethernet_controller_x710-tm4_firmware
< 7.0
intel/ethernet_controller_xxv710-am1_firmware
< 7.0
intel/ethernet_controller_xxv710-am2_firmware
< 7.0
Published
Nov 14, 2019
Tracked Since
Feb 18, 2026