Chip giants, Intel and Nvidia, have released patches for popular products that are commonly used by gamers. Impacted is the Nvidia Shield TV and Intel NUC (Next Unit of Computing) mini-pc kit. The patches address a total of four high-severity flaws, which include two glitches in the Nvidia Shield that could enable code execution, denial of service, escalation of privileges and information disclosure. The two Intel NUC vulnerabilities could allow for escalation of privilege, denial of service and information disclosure. Both Nvidia flaws (tracked as CVE-2019-5699 and CVE-2019-5700) stem from the bootloader, which is a piece of code that runs before the operating system (OS) starts to run and loads the OS when the computer turns on. Nvidia has not released information on whether or not an attacker could be remote or has to have local access. The two Intel NUC vulnerabilities (tracked as CVE-2019-14569 and CVE-2019-14570) could enable an attacker with local access to launch an array of malicious attacks. The first flaw (CVE-2019-14569) stems from pointer corruption in the system firmware for the NUC (a pointer is a programming language variable that stores/points to the memory address of another variable). This could allow an attacker to gain privilege escalation, carry out denial of service or perform information disclosure. The second bug (CVE-2019-14570) comes from a memory corruption issue in the firmware of the Intel NUC which would allow an attacker to perform similar attacks.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.