New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Intel NUC and Nvidia Shield High-Severity Flaws

Chip giants, Intel and Nvidia, have released patches for popular products that are commonly used by gamers. Impacted is the Nvidia Shield TV and Intel NUC (Next Unit of Computing) mini-pc kit. The patches address a total of four high-severity flaws, which include two glitches in the Nvidia Shield that could enable code execution, denial of service, escalation of privileges and information disclosure. The two Intel NUC vulnerabilities could allow for escalation of privilege, denial of service and information disclosure. Both Nvidia flaws (tracked as CVE-2019-5699 and CVE-2019-5700) stem from the bootloader, which is a piece of code that runs before the operating system (OS) starts to run and loads the OS when the computer turns on. Nvidia has not released information on whether or not an attacker could be remote or has to have local access. The two Intel NUC vulnerabilities (tracked as CVE-2019-14569 and CVE-2019-14570) could enable an attacker with local access to launch an array of malicious attacks. The first flaw (CVE-2019-14569) stems from pointer corruption in the system firmware for the NUC (a pointer is a programming language variable that stores/points to the memory address of another variable). This could allow an attacker to gain privilege escalation, carry out denial of service or perform information disclosure. The second bug (CVE-2019-14570) comes from a memory corruption issue in the firmware of the Intel NUC which would allow an attacker to perform similar attacks.

Analyst Notes

Both companies recommend that their products be upgraded to the latest software. Instructions on how to download and apply the updates can be found on the company’s websites. It is always recommended to set the computer to download updates and security patches automatically. This will ensure that the system will be up to date. It is especially important to install patches after they have been publicly released because malicious reverse-engineers can use the information in the patches to determine exactly how to compromise unpatched systems. It is not uncommon for attacks on recently-patched software to increase a few days to a few weeks after patches are released, depending on how difficult the patches are to reverse-engineer.