Intel released a firmware update for multiple NUC Kit models to patch a high-severity bug that attackers could exploit to escalate privileges, cause a denial-of-service (DoS) condition, or disclose information. An Intel Compute Card and Compute Stick running the same BIOS firmware are also affected.
The bug stems from insufficient session validation in the system firmware of the NUC Kit devices and has a severity score of 7.5 out of 10. The flaw can be exploited if the attacker already has local access as a privileged user. The list of devices affected by the bug (CVE-2019-11140) includes:
- Intel NUC Kit NUC7i7DNx
- Intel NUC Kit NUC7i5DNx
- Intel NUC Kit NUC7i3DNx
- Intel Compute Stick STK2MV64CC
- Intel Compute Card CD1IV128MK
Intel has had to patch multiple high-severity security flaws in the NUC devices in recent months. In April, Intel patched a security flaw that could also cause a privilege escalation or denial of service, while in June Intel had to patch multiple firmware bugs.
Intel Patches High-Severity Bug In Processor Identification Utility
Another flaw (CVE-2019-11163) affected Intel’s Processor Identification Utility, a free tool Intel gives away to users so they can easily identify the type of processor they have and its specifications.
The bug has an even higher severity score of 8.2 out of 10 and stems from insufficient access control in a hardware abstraction driver for the software. The flaw exists in versions of the software older than 6.1.0731. According to Intel, the bug “may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.”
Intel’s Computer Improvement Program Also Affected
Intel’s Computer Improvement Program is a program that computer owners can join to help Intel make improvements to its processors and detect issues. The program came with a bug (CVE-2019-11162) that could also allow escalation of privilege, denial of service or information disclosure, just like the other bugs above.
Intel said that:
“Insufficient access control in hardware abstraction in SEMA driver for Intel Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.”
Researchers Continue To Uncover Security Issues In Intel Products
All of these security holes were uncovered while Intel was also dealing with a new Spectre-class bug called “SWAPGS,” which could bypass all previous Spectre mitigations.
As more security researchers focus on Intel’s processors and firmware, we should see an increased number of security issues with Intel’s products, at least in the short term. Not many had attempted to do so until a couple of years ago. However, Intel’s supported products go back a decade or longer, so there should be plenty of bugs to find in the near term.
In the long term, Intel would be smart to tighten up both its hardware and software security so that researchers have a lower chance of finding security holes in its next-generation products, even as their research into Intel’s products intensifies.
On the reference to the SWAPGS vulnerability: the researchers in this case only tested pre-Bulldozer AMD CPUs, so it's hardly representative of modern AMD CPUs. For all we know the Zen family has the same vulnerability.
On the subject itself: really? Again? With the recent disclosure of multiple motherboard vendors having security issues this may not be as surprising, but I get the feeling that Intel has been mentioned in 90% of all articles related to security vulnerabilities in the last two years or so. They may not be the only one cutting corners, but they definitely seem to be doing it the most. You'd figure Intel would run out of things to do wrong some day but it's not today.
This is pretty clear language.
AMD said: “Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products are designed not to speculate on the new GS value following a speculative SWAPGS.”
The link to CVE-2019-11162 is wrong - it points to CVE-2017-11162. Not that it really matters, since the details are still non-public.
admin said: Intel issued patches for multiple security flaws affecting NUC Kit and other related devices, as well as some Intel software tools. Intel Patches High-Severity Bugs In NUC Kit, Software Tools: Read more