CATEGORIES
home News

What The NUC? Intel Patches Serious Security Flaws In Mini PCs, Software Utilities

by Brandon HillThursday, August 15, 2019, 02:30 PM EDT

Not long after Microsoft issued a bevy of security updates for its products during Patch Tuesday, Intel is holding its own "patch party" for its hardware and software products. Products affected include Intel's lineup of NUC mini PCs and Compute Sticks along with a few of its software utilities.

intel nuc

On the NUC front, Intel issued an advisory describing a vulnerability (CVE-2019-11140) in the device firmware that can lead to an escalation of privileges or denial of service attack. Intel traced the exploit back to "insufficient session validation" that could allow such attacks to take place. The security concern has been given a CVSS Base Score of 7.5, which is considered high severity. Affected Intel systems are listed below:

  • Intel NUC Kit NUC7i7DNx
  • Intel NUC Kit NUC7i5DNx
  • Intel NUC Kit NUC7i3DNx
  • Intel Compute Stick STK2MV64CC
  • Intel Compute Card CD1IV128MK

You can find firmware updates for these systems and more on CVE-2019-11140 by clicking the following link.

A flaw (CVE-2019-11163) has also been found in the seemingly harmless Intel Processor Identification Utility (Windows Version). This tool allows you to see detailed information and specs on your installed Intel processor, however, it too has been flagged for privilege elation and denial of service exploits. CVE-2019-11163 has a CVSS Base Score of 8.2 (high severity), and users can mitigate the security intrusion by upgrading to Intel Processor Identification Utility version 6.1.0731 or later, which you can download here.

Intel has also issued updates for its Computing Improvement Program, due to improper access control in the SEMA driver. This is another high severity exploit with a CVSS Base Core of 8.2. Intel has addressed this security breach with its version 2.4.0.04733 update.

Finally, a vulnerability was discovered in the Intel Driver & Support Assistant (CVE-2019-11145), which could result in an escalation of privileges. Unlike the other exploits, the is a medium risk with a CVSS Base Score of 6.7. Intel has pushed out version 19.7.30.2 of its utility to eradicate the threat, which you can download here.

Tags:  Intel, security, NUC, (NASDAQ:INTC)
Brandon Hill

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.

TOP STORIES
Which New GPU Is For You?
More Results
KEEP INFORMED

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2026 Hot Hardware Inc, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment