CVE-2019-0140
HIGHIntel Ethernet 700 Series Firmware < 7.0 - Unauthenticated Buffer Overflow via Adjacent Access
Title source: llmDescription
Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html
Scores
CVSS v3
8.8
EPSS
0.0056
EPSS Percentile
42.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (7)
intel/ethernet_700_series_software
< 24.0
intel/ethernet_controller_710-bm1_firmware
< 7.0
intel/ethernet_controller_x710-at2_firmware
< 7.0
intel/ethernet_controller_x710-bm2_firmware
< 7.0
intel/ethernet_controller_x710-tm4_firmware
< 7.0
intel/ethernet_controller_xxv710-am1_firmware
< 7.0
intel/ethernet_controller_xxv710-am2_firmware
< 7.0
Published
Nov 14, 2019
Tracked Since
Feb 18, 2026