Intel fixes severe NUC firmware, web console vulnerabilities

Left unpatched, the bugs can lead to data leaks, service denial, and privilege escalation.

Intel hits 10th generation Core with 10nm Ice Lake launch Chip giant finally brings 10nm fabrication process to desktop chips.

Intel has revealed a set of high-severity flaws impacting Intel NUC firmware and Intel RAID Web Console 3 (RWC3) for Windows.

On Tuesday, the tech giant released a set of security advisories for the issues, of which RWC3 patches are now available for download.

The bulk of the update, however, relates to Intel Next Unit of Computing (NUC) firmware, used in a variety of PCs with small form factors.

A total of 39 products based on NUC firmware including NUC Kit NUC8i3BEx, Compute Stick STK2MV64CC, NUC Kit NUC5CPYH, and Compute Card CD1IV128MK are impacted.

The first vulnerability of note, CVE-2019-11127, is a buffer overflow issue which can permit privilege escalation if local access is available. The second local vulnerability, CVE-2019-11128, has been caused by insufficient input validation which can not only result in privilege escalation but also denial of service or information disclosure.

Both bugs have been issued a CVSS score of 8.2 and are deemed critical.

See also: Intel finally issues Spoiler attack alert: Now non-Spectre exploit gets CVE but no patch

A further five vulnerabilities, all of which have been issued a critical severity score of 7.5, have also been resolved in the latest NUC firmware update.

A failure to properly validate sessions (CVE-2019-11123), two out of bound read/write issues (CVE-2019-11124, CVE-2019-11129), an insufficient input validation error (CVE-2019-11125), and pointer corruption (CVE-2019-11126) have all been resolved.

If left unpatched, these bugs can lead to privilege escalation, denial of service, and information disclosure. However, threat actors must already have access to an account with a level of user privilege in place to pull off an attack.

Intel has released firmware updates to resolve these security problems.

An advisory relating to Intel's RWC3 has also been published that details a single security flaw, CVE-2019-11119, which impacts the web console system version 4.186 and earlier.  

TechRepublic: How to protect your network against security flaws in Microsoft's NTLM protocol

A lack of session validation in the service API "may allow an unauthenticated user to potentially enable escalation of privilege via network access," according to Intel, leading to the bug being awarded a critical severity rating of 8.9.

Intel thanked Alexander Ermolov, Ruslan Zakirov, Malyutin Maksim for finding and reporting the vulnerabilities.

In April, Intel responded to what researchers called the "Spoiler" attack (CVE-2019-0162), in which inherent weaknesses in Intel's memory systems could be exploited to expose virtual address mapping to physical memory addresses.

CNET: Huawei ban: Full timeline on how and why its phones are under fire

While the company was keen to emphasize that private data could not be compromised through Spoiler, the issue does impact Intel CPUs back to the first generation of the hardware.

Intel gave the vulnerability a low-severity rating and recommended that "side-channel safe software development practices" be employed to mitigate the risk of exploit.

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0